PC-HELP.CZ

Dobry den, mam pocit ze mam nejake chyby v pc, dekuju mco za kotrolu a vas cas, zatim :)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:03:20, on 26.11.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18838)


Boot mode: Normal

Running processes:
C:\Users\Petr\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{9317833D-D4B3-4B9C-8B06-9B224515606B}: NameServer = 94.74.192.252,8.8.8.8
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 4202 bytes

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.


Stáhni si TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Scan“
Po skenu klikni na „Logfile“ ,objeví se okno „Log Manager“ a pak poklepej na odpovídající log , který se otevře. ( jinak je uložen systémovem disku jako C:\AdwCleaner [C?].txt ), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
-Pokud není program aktuální , klikni na možnost „Aktualizovat nyní“ či „Opravit nyní“.
- bude nalezena aktualizace a nainstaluje se.
- poté klikni na Skenovat nyní
- po proběhnutí programu se ti objeví hláška vpravo dole, tak klikni na Uložit výsledky a vyber zkopírovat do schránky a vlož sem celý log. Nebo klikni na „Textový soubor ( .txt)“ a log si ulož.
-jinak se log nachází zde: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

- po té klikni na tlačítko Dokončit, a program zavři křížkem vpravo nahoře.
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.

ahoj, tady to je

# AdwCleaner 7.0.4.0 - Logfile created on Sun Nov 26 17:04:06 2017
# Updated on 2017/27/10 by Malwarebytes
# Database: 11-23-2017.1
# Running on Windows 7 Home Premium (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

PUP.Optional.Reimage, C:\Windows\Temp\ReimagePackage.exe


***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
PUP.Optional.Reimage, [Key] - HKU\S-1-5-21-1176767682-3295121074-1802647030-1000\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
PUP.Optional.Reimage, [Key] - HKU\S-1-5-21-1176767682-3295121074-1802647030-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11262017174727915\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
PUP.Optional.Reimage, [Key] - HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
PUP.Optional.Reimage, [Key] - HKLM\SOFTWARE\Reimage
PUP.Optional.Reimage, [Key] - HKU\S-1-5-21-1176767682-3295121074-1802647030-1000\Software\Reimage
PUP.Optional.Reimage, [Key] - HKU\S-1-5-21-1176767682-3295121074-1802647030-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11262017174727915\Software\Reimage
PUP.Optional.Reimage, [Key] - HKCU\Software\Reimage
PUP.Optional.SlimCleanerPlus, [Key] - HKLM\SOFTWARE\SlimWare Utilities Inc
PUP.Optional.SlimCleanerPlus, [Key] - HKU\S-1-5-21-1176767682-3295121074-1802647030-1000\Software\SlimWare Utilities Inc
PUP.Optional.SlimCleanerPlus, [Key] - HKU\S-1-5-21-1176767682-3295121074-1802647030-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11262017174727915\Software\SlimWare Utilities Inc
PUP.Optional.SlimCleanerPlus, [Key] - HKCU\Software\SlimWare Utilities Inc
PUP.Optional.SlimCleanerPlus, [Key] - HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C10].txt - [3987 B] - [2017/4/27 12:37:17]
C:/AdwCleaner/AdwCleaner[C11].txt - [4230 B] - [2017/5/14 17:24:42]
C:/AdwCleaner/AdwCleaner[C12].txt - [4225 B] - [2017/7/6 19:39:20]
C:/AdwCleaner/AdwCleaner[C1].txt - [1217 B] - [2016/2/12 22:59:30]
C:/AdwCleaner/AdwCleaner[C2].txt - [3479 B] - [2016/2/13 18:36:7]
C:/AdwCleaner/AdwCleaner[C3].txt - [2677 B] - [2016/2/13 18:41:16]
C:/AdwCleaner/AdwCleaner[C4].txt - [764 B] - [2016/2/13 20:13:37]
C:/AdwCleaner/AdwCleaner[C5].txt - [765 B] - [2016/2/14 10:5:54]
C:/AdwCleaner/AdwCleaner[C6].txt - [3722 B] - [2016/9/20 17:35:48]
C:/AdwCleaner/AdwCleaner[C7].txt - [3845 B] - [2016/11/5 14:54:44]
C:/AdwCleaner/AdwCleaner[C8].txt - [3316 B] - [2016/12/10 14:40:39]
C:/AdwCleaner/AdwCleaner[C9].txt - [4289 B] - [2017/4/11 17:42:47]
C:/AdwCleaner/AdwCleaner[S10].txt - [3803 B] - [2016/9/20 17:34:27]
C:/AdwCleaner/AdwCleaner[S11].txt - [2645 B] - [2016/9/20 17:39:1]
C:/AdwCleaner/AdwCleaner[S12].txt - [2720 B] - [2016/9/23 13:29:16]
C:/AdwCleaner/AdwCleaner[S13].txt - [2795 B] - [2016/9/23 15:20:34]
C:/AdwCleaner/AdwCleaner[S14].txt - [2870 B] - [2016/9/24 12:20:20]
C:/AdwCleaner/AdwCleaner[S15].txt - [2945 B] - [2016/9/28 22:33:19]
C:/AdwCleaner/AdwCleaner[S16].txt - [3020 B] - [2016/10/1 16:12:12]
C:/AdwCleaner/AdwCleaner[S17].txt - [3101 B] - [2016/10/12 14:58:53]
C:/AdwCleaner/AdwCleaner[S18].txt - [3176 B] - [2016/10/16 13:13:57]
C:/AdwCleaner/AdwCleaner[S19].txt - [1658 B] - [2015/12/18 18:23:27]
C:/AdwCleaner/AdwCleaner[S1].txt - [1074 B] - [2016/2/12 22:58:7]
C:/AdwCleaner/AdwCleaner[S20].txt - [1658 B] - [2015/12/19 16:23:12]
C:/AdwCleaner/AdwCleaner[S21].txt - [814 B] - [2015/12/19 19:40:26]
C:/AdwCleaner/AdwCleaner[S22].txt - [823 B] - [2015/12/25 1:11:54]
C:/AdwCleaner/AdwCleaner[S23].txt - [3251 B] - [2016/10/17 18:49:6]
C:/AdwCleaner/AdwCleaner[S24].txt - [3960 B] - [2016/11/5 14:54:10]
C:/AdwCleaner/AdwCleaner[S25].txt - [3489 B] - [2016/11/5 15:5:29]
C:/AdwCleaner/AdwCleaner[S26].txt - [3564 B] - [2016/11/6 11:57:32]
C:/AdwCleaner/AdwCleaner[S27].txt - [3626 B] - [2016/12/10 14:40:17]
C:/AdwCleaner/AdwCleaner[S28].txt - [3800 B] - [2017/1/11 19:52:32]
C:/AdwCleaner/AdwCleaner[S29].txt - [3876 B] - [2017/1/15 15:14:14]
C:/AdwCleaner/AdwCleaner[S2].txt - [3291 B] - [2016/2/13 18:22:4]
C:/AdwCleaner/AdwCleaner[S30].txt - [4500 B] - [2017/4/11 17:42:12]
C:/AdwCleaner/AdwCleaner[S31].txt - [4097 B] - [2017/4/11 18:1:0]
C:/AdwCleaner/AdwCleaner[S32].txt - [4169 B] - [2017/4/16 13:11:29]
C:/AdwCleaner/AdwCleaner[S33].txt - [4279 B] - [2017/4/27 12:37:0]
C:/AdwCleaner/AdwCleaner[S34].txt - [6190 B] - [2017/5/14 6:38:23]
C:/AdwCleaner/AdwCleaner[S35].txt - [4511 B] - [2017/5/14 17:22:46]
C:/AdwCleaner/AdwCleaner[S36].txt - [4613 B] - [2017/5/15 17:49:47]
C:/AdwCleaner/AdwCleaner[S37].txt - [4702 B] - [2017/7/6 19:34:50]
C:/AdwCleaner/AdwCleaner[S3].txt - [672 B] - [2016/2/13 19:32:52]
C:/AdwCleaner/AdwCleaner[S4].txt - [672 B] - [2016/2/13 20:12:52]
C:/AdwCleaner/AdwCleaner[S5].txt - [673 B] - [2016/2/13 21:25:41]
C:/AdwCleaner/AdwCleaner[S6].txt - [673 B] - [2016/2/14 10:4:55]


########## EOF - C:\AdwCleaner\AdwCleaner[S34].txt ##########


Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 26.11.17
Čas skenování: 18:09
Logovací soubor: 8d150c8c-d2cc-11e7-bd91-6cf049d66c96.json
Správce: Ano

-Informace o softwaru-
Verze: 3.3.1.2183
Verze komponentů: 1.0.236
Aktualizovat verzi balíku komponent: 1.0.3350
Licence: Bezplatný

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: Petr-PC\Petr

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 331471
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 5 min, 29 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)


nechapu, omylem jsem prvni dal malware, 2x naslo prez 39 sracek a 2x shodil system stylem vytahnuti ze zasuvky, to same co se mi deje pri internetu pri prehravani filmu a dalsi zvlastnich prilezitostech, pozoruju delsi dobu, tak jsem dal prvi adw a uz nespadl a nenasel nic, asi to smaznul adw s tfc

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Scan“, po prohledání klikni na „ Clean“

Program provede opravu, po automatickém restartu klikni na „Log Manager“ a pak poklepej na odpovídají log, (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.


Sophos Virus Removal Tool je praktický softwarový nástroj, který by mohl odstranit infekce, které antivirový program nedetekuje .
Stáhněte si ho zde z některého odkazu:
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viry mohou zpomalit počítač, nebo se snaží ukrást vaše data, a ani nevíte , že je máte. Co potřebujete, je rychlý a snadný způsob, jak je najít a zbavit se jich, pokud již máte antivirový program v počítači nainstalován , můžete nainstalovat i nástroj Sophos Virus Removal , který identifikuje a vyčistí zbylé infekce, které mohl Váš antivirový program přehlédnout.
K použití Sophos Virus Removal Tool na něj poklepejte a stiskněte tlačítko „Start scanning“ . Pak bude Sophos Virus Removal Tool vyhledávat a odstraňovat viry, které najde. Může být vyžadován restart.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.adlice.com/download/roguekil ... HlwZT14ODY
64bit.:
http://www.adlice.com/download/roguekil ... HlwZT14NjQ
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7,8,10 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“
- Program skenuje procesy PC. Po proskenování klikni na „Open Report “ , v okně pak na „Open TXT“ a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

další odkazy:
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/

# AdwCleaner 7.0.4.0 - Logfile created on Sun Nov 26 20:49:32 2017
# Updated on 2017/27/10 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C10].txt - [3987 B] - [2017/4/27 12:37:17]
C:/AdwCleaner/AdwCleaner[C11].txt - [4230 B] - [2017/5/14 17:24:42]
C:/AdwCleaner/AdwCleaner[C12].txt - [5927 B] - [2017/7/6 19:39:20]
C:/AdwCleaner/AdwCleaner[C1].txt - [1217 B] - [2016/2/12 22:59:30]
C:/AdwCleaner/AdwCleaner[C2].txt - [3479 B] - [2016/2/13 18:36:7]
C:/AdwCleaner/AdwCleaner[C3].txt - [2677 B] - [2016/2/13 18:41:16]
C:/AdwCleaner/AdwCleaner[C4].txt - [764 B] - [2016/2/13 20:13:37]
C:/AdwCleaner/AdwCleaner[C5].txt - [765 B] - [2016/2/14 10:5:54]
C:/AdwCleaner/AdwCleaner[C6].txt - [3722 B] - [2016/9/20 17:35:48]
C:/AdwCleaner/AdwCleaner[C7].txt - [3845 B] - [2016/11/5 14:54:44]
C:/AdwCleaner/AdwCleaner[C8].txt - [3316 B] - [2016/12/10 14:40:39]
C:/AdwCleaner/AdwCleaner[C9].txt - [4289 B] - [2017/4/11 17:42:47]
C:/AdwCleaner/AdwCleaner[S10].txt - [3803 B] - [2016/9/20 17:34:27]
C:/AdwCleaner/AdwCleaner[S11].txt - [2645 B] - [2016/9/20 17:39:1]
C:/AdwCleaner/AdwCleaner[S12].txt - [2720 B] - [2016/9/23 13:29:16]
C:/AdwCleaner/AdwCleaner[S13].txt - [2795 B] - [2016/9/23 15:20:34]
C:/AdwCleaner/AdwCleaner[S14].txt - [2870 B] - [2016/9/24 12:20:20]
C:/AdwCleaner/AdwCleaner[S15].txt - [2945 B] - [2016/9/28 22:33:19]
C:/AdwCleaner/AdwCleaner[S16].txt - [3020 B] - [2016/10/1 16:12:12]
C:/AdwCleaner/AdwCleaner[S17].txt - [3101 B] - [2016/10/12 14:58:53]
C:/AdwCleaner/AdwCleaner[S18].txt - [3176 B] - [2016/10/16 13:13:57]
C:/AdwCleaner/AdwCleaner[S19].txt - [1658 B] - [2015/12/18 18:23:27]
C:/AdwCleaner/AdwCleaner[S1].txt - [1074 B] - [2016/2/12 22:58:7]
C:/AdwCleaner/AdwCleaner[S20].txt - [1658 B] - [2015/12/19 16:23:12]
C:/AdwCleaner/AdwCleaner[S21].txt - [814 B] - [2015/12/19 19:40:26]
C:/AdwCleaner/AdwCleaner[S22].txt - [823 B] - [2015/12/25 1:11:54]
C:/AdwCleaner/AdwCleaner[S23].txt - [3251 B] - [2016/10/17 18:49:6]
C:/AdwCleaner/AdwCleaner[S24].txt - [3960 B] - [2016/11/5 14:54:10]
C:/AdwCleaner/AdwCleaner[S25].txt - [3489 B] - [2016/11/5 15:5:29]
C:/AdwCleaner/AdwCleaner[S26].txt - [3564 B] - [2016/11/6 11:57:32]
C:/AdwCleaner/AdwCleaner[S27].txt - [3626 B] - [2016/12/10 14:40:17]
C:/AdwCleaner/AdwCleaner[S28].txt - [3800 B] - [2017/1/11 19:52:32]
C:/AdwCleaner/AdwCleaner[S29].txt - [3876 B] - [2017/1/15 15:14:14]
C:/AdwCleaner/AdwCleaner[S2].txt - [3291 B] - [2016/2/13 18:22:4]
C:/AdwCleaner/AdwCleaner[S30].txt - [4500 B] - [2017/4/11 17:42:12]
C:/AdwCleaner/AdwCleaner[S31].txt - [4097 B] - [2017/4/11 18:1:0]
C:/AdwCleaner/AdwCleaner[S32].txt - [4169 B] - [2017/4/16 13:11:29]
C:/AdwCleaner/AdwCleaner[S33].txt - [4279 B] - [2017/4/27 12:37:0]
C:/AdwCleaner/AdwCleaner[S34].txt - [4264 B] - [2017/5/14 6:38:23]
C:/AdwCleaner/AdwCleaner[S35].txt - [4511 B] - [2017/5/14 17:22:46]
C:/AdwCleaner/AdwCleaner[S36].txt - [4613 B] - [2017/5/15 17:49:47]
C:/AdwCleaner/AdwCleaner[S37].txt - [4702 B] - [2017/7/6 19:34:50]
C:/AdwCleaner/AdwCleaner[S3].txt - [672 B] - [2016/2/13 19:32:52]
C:/AdwCleaner/AdwCleaner[S4].txt - [672 B] - [2016/2/13 20:12:52]
C:/AdwCleaner/AdwCleaner[S5].txt - [673 B] - [2016/2/13 21:25:41]
C:/AdwCleaner/AdwCleaner[S6].txt - [673 B] - [2016/2/14 10:4:55]


########## EOF - C:\AdwCleaner\AdwCleaner[C12].txt ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Home Premium x64
Ran by Petr (Administrator) on ne 26.11.2017 at 21:52:07,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 10

Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\Petr\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\558HRB3X (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DV44I0KC (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F39AYNA0 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO43E162 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\558HRB3X (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DV44I0KC (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F39AYNA0 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO43E162 (Temporary Internet Files Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 26.11.2017 at 21:53:38,83
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

co jsou to ty bootstrap a bootloader?, btw jsem ty dve pum.dns nesmazal mel jsem? vypadato na moje nastaveni internetu pokud se nepletu, toto je druhy sken, pri prnvim sem to smazal a nejak prstal fungovat net, pak jsem dal restore a udelal znovu a uz jde net, mozna to je nahoda mozna tim nevim, musel jsem protoze jsem ztratil log, dik

RogueKiller V12.11.25.0 (x64) [Nov 20 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Petr [Práva správce]
Started from : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VITSOFT\Vit Registry Fix\RogueKiller_portable64.exe
Mód : Prohledat -- Datum : 11/26/2017 23:03:44 (Duration : 00:17:39)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{9317833D-D4B3-4B9C-8B06-9B224515606B} | NameServer : 94.74.192.252,8.8.8.8 ([Czech Republic][-]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Tcpip\Parameters\Interfaces\{9317833D-D4B3-4B9C-8B06-9B224515606B} | NameServer : 94.74.192.252,8.8.8.8 ([Czech Republic][-]) -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-00BN5A0 ATA Device +++++
--- User ---
[MBR] b96e826721bf05997f6261b4b233f62f
[BSP] de8104dc4ad33b6866b6dc0a259f12a3 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 208848 | Size: 953767 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“,
po jeho skončení - vše zatrhni (dej zatržítka vlevo od nálezů , do bílých políček)
- pak klikni na "Remove Selected"
- Počkej, dokud Status box nezobrazí " Removal finished, please review result "
- Klikni na "Open report " a pak na " Open TXT“ a zkopíruj ten log a vlož obsah té zprávy prosím sem. Log je možno nalézt v C:\ProgramData\RogueKiller\Logs - Zavři RogueKiller.


Vypni antivir i firewall.
Stáhni Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe
http://leteckaposta.cz/415997425
klik nahoře vpravo na .rar-file a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log Zkopíruj sem celý obsah toho logu.
Pokud budou problémy , spusť zoek v nouz. režimu.

Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Můžeš si zatrhnout i vytvoření bodu obnovy:
Klikni na ozubené kolečko , poté na „Skenování“ a zatrhni „vytvářet body obnovy“.
Vrať se zpět ( klikni na domeček).
Zavři všechny otevřené soubory, složky a prohlížeče
Neměň žádné nastavení. Klikni na „Skenovat“.
Po skenu lze vidět , zda jsou nějaké nákazy. Klikni na „Další“. Nákazy budou přemístěny do karantény.
Když je skenování dokončeno, objeví se tisková zpráva , zkopíruj sem celý obsah té zprávy.
Jinak můžeš zprávy vidět , když klikneš vpravo nahoře na „ zprávy“.


Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Cus, vyskytlo se par problemu, po smazani dvou nalezu z roguekilleru (adresa podobna mojemu konfigu) mi presel fungovat intenet, tak jsem musel dat restore, a u zemana po skenu jsem dal dalsi a autoamticky to se clearlo, ale asi vklidu xD

RogueKiller V12.11.26.0 (x64) [Nov 27 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Petr [Práva správce]
Started from : C:\Users\PetrDownloads\RogueKiller_portable64.exe
Mód : Smazat -- Datum : 11/28/2017 02:10:38 (Duration : 00:15:25)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{9317833D-D4B3-4B9C-8B06-9B224515606B} | NameServer : 94.74.192.252,8.8.8.8 ([Czech Republic][-]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Tcpip\Parameters\Interfaces\{9317833D-D4B3-4B9C-8B06-9B224515606B} | NameServer : 94.74.192.252,8.8.8.8 ([Czech Republic][-]) -> Nahrazeno ()

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-00BN5A0 ATA Device +++++
--- User ---
[MBR] b96e826721bf05997f6261b4b233f62f
[BSP] de8104dc4ad33b6866b6dc0a259f12a3 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 208848 | Size: 953767 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK



Zoek.exe v5.0.0.1 Updated 24-October-2017
Tool run by Petr on st 29.11.2017 at 0:42:58,76.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Petr\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

29.11.2017 0:43:45 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{39ED13E7-4C0C-43E1-AA3C-35BD10C9E056} - http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530

==== Reset Google Chrome ======================

C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Data aplikací\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Petr\AppData\Local\Temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Windows\TEMP successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on st 29.11.2017 at 0:45:49,42 ======================



Zemana AntiMalware 2.74.2.150 (instalační verze)

-------------------------------------------------------
Scan Result : Dokončeno
Scan Date : 2017.11.29
Operating System : Windows 7 64-bit
Processor : 4X AMD Athlon(tm) II X4 640 Processor
BIOS Mode : Legacy
CUID : 12B0FA295BE39D443A003C
Scan Type : Skenování systému
Duration : 11m 24s
Scanned Objects : 83188
Detected Objects : 1
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Zapnuto
Detect All Extensions : Vypnuto
Scan Documents : Vypnuto
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Chrome Shortcut
Status : Skenováno
Object : --app=http://go.playmmogames.com/aff_c?offer_id=1508&aff_id=1034&source=1&click_id=0005d2cb4cbac4c6f9bee9b6e13c326bdf1a5b38
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Podezřelé nastavení prohlížeče
Cleaning Action : Opravit
Related Objects :
Nastavení prohlížeče - Chrome Shortcut


Cleaning Result
-------------------------------------------------------
Cleaned : 1
Reported as safe : 0
Failed : 0




ComboFix 17-11-14.01 - Petr 29.11.2017 1:07.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4094.2144 [GMT 1:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.pol
c:\users\PetrDownloads\RogueKiller_portable64.exe
c:\windows\security\logs\scecomp.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-10-28 do 2017-11-29 )))))))))))))))))))))))))))))))
.
.
2017-11-29 00:13 . 2017-11-29 00:13 -------- d-----w- c:\users\Public\AppData\Local\temp
2017-11-29 00:13 . 2017-11-29 00:13 -------- d-----w- c:\users\Petr\AppData\Local\temp
2017-11-29 00:13 . 2017-11-29 00:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-11-29 00:07 . 2017-11-29 00:07 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{68A75D7B-7097-4CE6-A57F-4C6D4CEEF6A2}\offreg.892.dll
2017-11-29 00:05 . 2017-10-30 09:27 13771264 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{68A75D7B-7097-4CE6-A57F-4C6D4CEEF6A2}\mpengine.dll
2017-11-28 23:48 . 2017-11-28 23:48 203680 ----a-w- c:\windows\system32\drivers\zamguard64.sys
2017-11-28 23:48 . 2017-11-28 23:48 203680 ----a-w- c:\windows\system32\drivers\zam64.sys
2017-11-28 23:48 . 2017-11-28 23:48 -------- d-----w- c:\program files (x86)\Zemana AntiMalware
2017-11-28 23:46 . 2017-11-28 23:46 -------- d-----w- c:\users\Petr\AppData\Local\Zemana
2017-11-28 23:44 . 2017-11-28 23:42 24064 ----a-w- c:\windows\zoek-delete.exe
2017-11-28 23:44 . 2017-11-28 23:44 -------- d-----w- c:\users\Petr\AppData\Local\Data aplikacÝ
2017-11-28 23:44 . 2017-11-28 23:45 -------- d-----w- C:\zoek
2017-11-28 01:04 . 2017-11-28 01:04 1313792 ----a-w- c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programy\VITSOFT\Vit Registry Fix\zoek.exe
2017-11-28 01:04 . 2017-11-28 01:04 1313792 ----a-w- c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VITSOFT\Vit Registry Fix\zoek.exe
2017-11-27 21:45 . 2017-10-30 09:27 13771264 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2017-11-26 21:02 . 2017-11-28 01:10 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2017-11-26 21:02 . 2017-11-26 21:27 -------- d-----w- c:\programdata\RogueKiller
2017-11-26 20:59 . 2017-11-26 20:59 -------- d-----w- c:\programdata\Sophos
2017-11-26 20:58 . 2017-11-26 20:58 -------- d-----w- c:\program files (x86)\Sophos
2017-11-26 20:44 . 2017-11-26 20:44 26838600 ----a-w- c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programy\VITSOFT\Vit Registry Fix\RogueKiller_portable64.exe
2017-11-26 20:44 . 2017-11-26 20:44 26838600 ----a-w- c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VITSOFT\Vit Registry Fix\RogueKiller_portable64.exe
2017-11-26 20:42 . 2017-11-26 20:43 1790024 ----a-w- c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programy\VITSOFT\Vit Registry Fix\JRT.exe
2017-11-26 20:42 . 2017-11-26 20:43 1790024 ----a-w- c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VITSOFT\Vit Registry Fix\JRT.exe
2017-11-26 17:02 . 2017-11-26 17:02 8261584 ----a-w- c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programy\VITSOFT\Vit Registry Fix\adwcleaner_7.0.4.0.exe
2017-11-26 17:02 . 2017-11-26 17:02 8261584 ----a-w- c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VITSOFT\Vit Registry Fix\adwcleaner_7.0.4.0.exe
2017-11-26 16:39 . 2017-11-01 07:54 77432 ----a-w- c:\windows\system32\drivers\mbae64.sys
2017-11-26 16:38 . 2017-11-26 16:38 448512 ----a-w- c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programy\VITSOFT\Vit Registry Fix\TFC.exe
2017-11-26 16:38 . 2017-11-26 16:38 448512 ----a-w- c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VITSOFT\Vit Registry Fix\TFC.exe
2017-11-26 08:45 . 2017-11-26 16:49 -------- d-----w- c:\program files (x86)\7-Zip
2017-11-25 22:42 . 2017-11-25 22:42 -------- d-----w- c:\program files (x86)\Secunia
2017-11-25 21:01 . 2017-11-25 21:01 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2017-11-18 10:49 . 2017-11-18 10:49 -------- d-----w- c:\program files (x86)\AMD
2017-11-18 10:48 . 2017-11-18 10:48 -------- d-----w- c:\program files\Common Files\ATI Technologies
2017-11-18 09:38 . 2017-09-29 09:10 1057976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{127DE711-7649-4B6C-ADEF-99EF32A3805C}\gapaengine.dll
2017-11-16 19:48 . 2017-11-16 19:48 -------- d-----w- c:\program files\Malwarebytes
2017-11-16 19:24 . 2017-11-16 19:24 -------- d-----w- c:\users\Petr\AppData\Local\RadeonInstaller
2017-11-16 19:18 . 2017-11-16 19:40 122848 ----a-w- c:\windows\system32\RtNicProp64.dll
2017-11-16 19:18 . 2017-11-16 19:40 1074792 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2017-11-16 19:16 . 2017-11-16 19:16 3677160 ----a-w- c:\windows\system32\RTSnMg64.cpl
2017-11-16 00:46 . 2017-11-16 00:46 15948200 ----a-w- c:\windows\system32\atidxx64.dll
2017-11-16 00:46 . 2017-11-16 00:46 13141432 ----a-w- c:\windows\SysWow64\atidxx32.dll
2017-11-16 00:46 . 2017-11-16 00:46 9936 ----a-w- c:\windows\system32\detoured.dll
2017-11-16 00:46 . 2017-11-16 00:46 9936 ----a-w- c:\windows\SysWow64\detoured.dll
2017-11-16 00:46 . 2017-11-16 00:46 1931920 ----a-w- c:\windows\system32\aticfx64.dll
2017-11-16 00:46 . 2017-11-16 00:46 195888 ----a-w- c:\windows\system32\atiuxp64.dll
2017-11-16 00:46 . 2017-11-16 00:46 161344 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2017-11-16 00:46 . 2017-11-16 00:46 1541080 ----a-w- c:\windows\SysWow64\aticfx32.dll
2017-11-16 00:44 . 2017-11-16 00:44 405384 ----a-w- c:\windows\system32\atieah64.exe
2017-11-16 00:43 . 2017-11-16 00:43 148360 ----a-w- c:\windows\system32\atisamu64.dll
2017-11-16 00:42 . 2017-11-16 00:42 543624 ----a-w- c:\windows\system32\amdmcl64.dll
2017-11-16 00:42 . 2017-11-16 00:42 373640 ----a-w- c:\windows\SysWow64\amdmcl32.dll
2017-11-16 00:42 . 2017-11-16 00:42 28929416 ----a-w- c:\windows\SysWow64\atioglxx.dll
2017-11-15 10:13 . 2017-10-18 02:34 134376 ----a-w- c:\windows\system32\CompatTelRunner.exe
2017-11-15 10:13 . 2017-10-18 02:30 605184 ----a-w- c:\windows\system32\aeinv.dll
2017-11-15 10:13 . 2017-10-15 22:04 407392 ----a-w- c:\windows\system32\centel.dll
2017-11-15 10:13 . 2017-10-04 13:04 670208 ----a-w- c:\windows\system32\generaltel.dll
2017-11-15 10:13 . 2017-10-04 13:04 603648 ----a-w- c:\windows\system32\devinv.dll
2017-11-15 10:13 . 2017-10-04 13:04 370688 ----a-w- c:\windows\system32\invagent.dll
2017-11-15 10:13 . 2017-10-04 13:04 241664 ----a-w- c:\windows\system32\aepic.dll
2017-11-15 10:13 . 2017-10-04 13:04 2023936 ----a-w- c:\windows\system32\aitstatic.exe
2017-11-15 10:13 . 2017-10-04 13:04 181760 ----a-w- c:\windows\system32\acmigration.dll
2017-11-15 10:13 . 2017-10-04 13:04 1570304 ----a-w- c:\windows\system32\appraiser.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-11-28 23:44 . 2016-08-19 15:31 65536 ----a-w- c:\windows\system32\spu_storage.bin
2017-11-25 22:50 . 2015-08-27 12:42 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-11-25 22:50 . 2015-08-27 12:42 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-11-20 20:32 . 2015-08-27 12:57 545440 ------w- c:\windows\system32\MpSigStub.exe
2017-11-16 19:40 . 2015-08-27 12:18 118816 ----a-w- c:\windows\system32\RTNUninst64.dll
2017-11-16 19:13 . 2017-10-12 13:08 127017032 -c--a-w- c:\windows\system32\MRT-KB890830.exe
2017-11-16 19:13 . 2015-08-30 11:53 127017032 -c--a-w- c:\windows\system32\MRT.exe
2017-11-16 00:45 . 2017-07-04 22:37 223112 ----a-w- c:\windows\system32\atig6txx.dll
2017-11-16 00:45 . 2017-07-04 22:37 144776 ----a-w- c:\windows\system32\atig6pxx.dll
2017-11-16 00:44 . 2017-04-03 22:22 1454984 ----a-w- c:\windows\system32\atiadlxx.dll
2017-11-16 00:42 . 2017-07-04 22:35 35220872 ----a-w- c:\windows\system32\atio6axx.dll
2017-09-29 09:10 . 2015-08-30 12:20 1057976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2017-09-13 23:20 . 2017-09-13 23:20 798008 ----a-w- c:\windows\SysWow64\vulkan-1-1-0-61-0.dll
2017-09-13 23:20 . 2017-07-19 13:22 798008 ----a-w- c:\windows\SysWow64\vulkan-1.dll
2017-09-13 23:20 . 2017-09-13 23:20 490296 ----a-w- c:\windows\SysWow64\vulkaninfo-1-1-0-61-0.exe
2017-09-13 23:20 . 2017-07-19 13:22 490296 ----a-w- c:\windows\SysWow64\vulkaninfo.exe
2017-09-13 23:19 . 2017-09-13 23:19 927544 ----a-w- c:\windows\system32\vulkan-1-1-0-61-0.dll
2017-09-13 23:19 . 2017-07-19 13:22 927544 ----a-w- c:\windows\system32\vulkan-1.dll
2017-09-13 23:19 . 2017-09-13 23:19 591160 ----a-w- c:\windows\system32\vulkaninfo-1-1-0-61-0.exe
2017-09-13 23:19 . 2017-07-19 13:22 591160 ----a-w- c:\windows\system32\vulkaninfo.exe
2017-09-13 15:33 . 2017-10-11 13:41 631176 ----a-w- c:\windows\system32\winresume.efi
2017-09-13 15:32 . 2017-10-11 13:41 706792 ----a-w- c:\windows\system32\winload.efi
2017-09-13 15:32 . 2017-10-11 13:41 5547752 ----a-w- c:\windows\system32\ntoskrnl.exe
2017-09-13 15:32 . 2017-10-11 13:41 95464 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2017-09-13 15:32 . 2017-10-11 13:41 154856 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2017-09-13 15:31 . 2017-10-11 13:41 1732864 ----a-w- c:\windows\system32\ntdll.dll
2017-09-13 15:28 . 2017-10-11 13:41 448512 ----a-w- c:\windows\system32\wlansec.dll
2017-09-13 15:28 . 2017-10-11 13:41 414208 ----a-w- c:\windows\system32\wlanmsm.dll
2017-09-13 15:28 . 2017-10-11 13:41 886272 ----a-w- c:\windows\system32\wlansvc.dll
2017-09-13 15:28 . 2017-10-11 13:41 118784 ----a-w- c:\windows\system32\wlanhlp.dll
2017-09-13 15:28 . 2017-10-11 13:41 113664 ----a-w- c:\windows\system32\wlanapi.dll
2017-09-13 15:28 . 2017-10-11 13:41 362496 ----a-w- c:\windows\system32\wow64win.dll
2017-09-13 15:28 . 2017-10-11 13:41 215552 ----a-w- c:\windows\system32\winsrv.dll
2017-09-13 15:28 . 2017-10-11 13:41 243712 ----a-w- c:\windows\system32\wow64.dll
2017-09-13 15:28 . 2017-10-11 13:41 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2017-09-13 15:28 . 2017-10-11 13:41 86528 ----a-w- c:\windows\system32\TSpkg.dll
2017-09-13 15:28 . 2017-10-11 13:41 210432 ----a-w- c:\windows\system32\wdigest.dll
2017-09-13 15:28 . 2017-10-11 13:41 503808 ----a-w- c:\windows\system32\srcore.dll
2017-09-13 15:28 . 2017-10-11 13:41 135680 ----a-w- c:\windows\system32\sspicli.dll
2017-09-13 15:28 . 2017-10-11 13:41 50176 ----a-w- c:\windows\system32\srclient.dll
2017-09-13 15:28 . 2017-10-11 13:41 28672 ----a-w- c:\windows\system32\sspisrv.dll
2017-09-13 15:28 . 2017-10-11 13:41 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2017-09-13 15:28 . 2017-10-11 13:41 1212928 ----a-w- c:\windows\system32\rpcrt4.dll
2017-09-13 15:28 . 2017-10-11 13:41 345600 ----a-w- c:\windows\system32\schannel.dll
2017-09-13 15:28 . 2017-10-11 13:41 190464 ----a-w- c:\windows\system32\rpchttp.dll
2017-09-13 15:28 . 2017-10-11 13:41 28160 ----a-w- c:\windows\system32\secur32.dll
2017-09-13 15:28 . 2017-10-11 13:41 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2017-09-13 15:28 . 2017-10-11 13:41 312320 ----a-w- c:\windows\system32\ncrypt.dll
2017-09-13 15:28 . 2017-10-11 13:41 1068544 ----a-w- c:\windows\system32\msctf.dll
2017-09-13 15:28 . 2017-10-11 13:41 316928 ----a-w- c:\windows\system32\msv1_0.dll
2017-09-13 15:28 . 2017-10-11 13:41 60416 ----a-w- c:\windows\system32\msobjs.dll
2017-09-13 15:28 . 2017-10-11 13:41 146432 ----a-w- c:\windows\system32\msaudite.dll
2017-09-13 15:27 . 2017-10-11 13:41 731648 ----a-w- c:\windows\system32\kerberos.dll
2017-09-13 15:27 . 2017-10-11 13:41 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2017-09-13 15:27 . 2017-10-11 13:41 1163264 ----a-w- c:\windows\system32\kernel32.dll
2017-09-13 15:27 . 2017-10-11 13:41 419840 ----a-w- c:\windows\system32\KernelBase.dll
2017-09-13 15:27 . 2017-10-11 13:41 44032 ----a-w- c:\windows\system32\csrsrv.dll
2017-09-13 15:27 . 2017-10-11 13:41 43520 ----a-w- c:\windows\system32\cryptbase.dll
2017-09-13 15:27 . 2017-10-11 13:41 22016 ----a-w- c:\windows\system32\credssp.dll
2017-09-13 15:27 . 2017-10-11 13:41 463872 ----a-w- c:\windows\system32\certcli.dll
2017-09-13 15:27 . 2017-10-11 13:41 880640 ----a-w- c:\windows\system32\advapi32.dll
2017-09-13 15:27 . 2017-10-11 13:41 123904 ----a-w- c:\windows\system32\bcrypt.dll
2017-09-13 15:27 . 2017-10-11 13:41 59904 ----a-w- c:\windows\system32\appidapi.dll
2017-09-13 15:27 . 2017-10-11 13:41 34816 ----a-w- c:\windows\system32\appidsvc.dll
2017-09-13 15:27 . 2017-10-11 13:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 6656 ----a-w- c:\windows\system32\apisetschema.dll
2017-09-13 15:27 . 2017-10-11 13:41 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 690688 ----a-w- c:\windows\system32\adtschema.dll
2017-09-13 15:13 . 2017-10-11 13:41 4001512 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2017-09-13 15:13 . 2017-10-11 13:41 3945704 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2017-09-13 15:10 . 2017-10-11 13:41 1314112 ----a-w- c:\windows\SysWow64\ntdll.dll
2017-09-13 15:09 . 2017-10-11 13:41 666112 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2017-09-13 15:09 . 2017-10-11 13:41 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2017-09-13 15:09 . 2017-10-11 13:41 275456 ----a-w- c:\windows\SysWow64\KernelBase.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys;c:\windows\SYSNATIVE\DRIVERS\lv302a64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
R3 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 WsAppService;Wondershare Application Framework Service;c:\program files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe;c:\program files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe [x]
S0 amdide64;amdide64;c:\windows\system32\DRIVERS\amdide64.sys;c:\windows\SYSNATIVE\DRIVERS\amdide64.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam64.sys;c:\windows\SYSNATIVE\drivers\zam64.sys [x]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard64.sys;c:\windows\SYSNATIVE\drivers\zamguard64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ei2c;ei2c;c:\windows\system32\drivers\ei2c.sys;c:\windows\SYSNATIVE\drivers\ei2c.sys [x]
S2 mi2c;mi2c;c:\windows\system32\drivers\mi2c.sys;c:\windows\SYSNATIVE\drivers\mi2c.sys [x]
S2 ZAMSvc;ZAM Controller Service;c:\program files (x86)\Zemana AntiMalware\ZAM.exe;c:\program files (x86)\Zemana AntiMalware\ZAM.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 KYEKBPRO;IMPERATOR PRO Gaming Keyboard;c:\windows\system32\drivers\KYEKBPRO.sys;c:\windows\SYSNATIVE\drivers\KYEKBPRO.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ZAM
*NewlyCreated* - ZAM_GUARD
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
LocalDriverService REG_MULTI_SZ LDrvSvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZAM"="c:\program files (x86)\Zemana AntiMalware\ZAM.exe" [2017-08-09 15775888]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
IE: S10 Autologin
IE: S10 Autotype...
TCP: Interfaces\{9317833D-D4B3-4B9C-8B06-9B224515606B}: NameServer = 94.74.192.252,8.8.8.8
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
ShellIconOverlayIdentifiers-{05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
ShellIconOverlayIdentifiers-{0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
ShellIconOverlayIdentifiers-{056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
ShellIconOverlayIdentifiers-{05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
ShellIconOverlayIdentifiers-{0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_27_0_0_187_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_27_0_0_187_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_27_0_0_187_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_27_0_0_187_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_187.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.27"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_187.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_187.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_187.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2017-11-29 01:15:02
ComboFix-quarantined-files.txt 2017-11-29 00:15
.
Před spuštěním: Volných bajtů: 646 074 597 376
Po spuštění: Volných bajtů: 645 473 144 832
.
- - End Of File - - 4E2FED9699600A8F74806163DF575A23
A36C5E4F47E84449FF07ED3517B43A31

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

cus po delsi dobe, objevila se po combofixu modra smrt tak jsem bootnul dvd a prez cmd zadal bcdedit /deletefalue default numproc + bcdedit /deletevalue default truncatememory, pac jinak neslo ani znama konfigurace ani obnvoeni, btw ty nalezy z rogue killeru jsem musel obnovit (restore) pac mi jinak nesel net at vis.


ComboFix 17-11-14.01 - Petr 02.12.2017 19:18:47.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3070.2028 [GMT 1:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petr\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\programdata\ntuser.pol
c:\windows\SysWow64\SET14D1.tmp
c:\windows\SysWow64\SET1A31.tmp
c:\windows\SysWow64\SET2185.tmp
c:\windows\SysWow64\SET30.tmp
c:\windows\SysWow64\SET39FC.tmp
c:\windows\SysWow64\SET4084.tmp
c:\windows\SysWow64\SET41FC.tmp
c:\windows\SysWow64\SET6AE5.tmp
c:\windows\SysWow64\SET795D.tmp
c:\windows\SysWow64\SETA11.tmp
c:\windows\SysWow64\SETA814.tmp
c:\windows\SysWow64\SETAE3.tmp
c:\windows\SysWow64\SETBB68.tmp
c:\windows\SysWow64\SETBCB2.tmp
c:\windows\SysWow64\SETCFCF.tmp
c:\windows\SysWow64\SETDC5A.tmp
c:\windows\SysWow64\SETE02E.tmp
c:\windows\SysWow64\SETE033.tmp
c:\windows\SysWow64\SETEFD0.tmp
c:\windows\SysWow64\SETF0FA.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-11-02 do 2017-12-02 )))))))))))))))))))))))))))))))
.
.
2017-12-02 19:17 . 2017-12-02 19:17 20250624 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2017-12-02 18:24 . 2017-12-02 18:24 -------- d-----w- c:\users\Public\AppData\Local\temp
2017-12-02 18:24 . 2017-12-02 18:24 -------- d-----w- c:\users\Petr\AppData\Local\temp
2017-12-02 18:24 . 2017-12-02 18:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-12-02 17:56 . 2017-10-30 09:27 13771264 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1CB06CB6-06A3-42FA-B092-B84C4C0785AA}\mpengine.dll
2017-12-02 17:50 . 2017-12-02 17:50 8187336 ----a-w- c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programy\VITSOFT\Vit Registry Fix\adwcleaner_7.0.5.0.exe
2017-12-02 17:50 . 2017-12-02 17:50 8187336 ----a-w- c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VITSOFT\Vit Registry Fix\adwcleaner_7.0.5.0.exe
2017-11-30 21:28 . 2017-10-30 09:27 13771264 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2017-11-28 23:48 . 2017-11-29 21:52 -------- d-----w- c:\program files (x86)\Zemana AntiMalware
2017-11-28 23:46 . 2017-11-28 23:46 -------- d-----w- c:\users\Petr\AppData\Local\Zemana
2017-11-28 23:44 . 2017-11-28 23:44 -------- d-----w- c:\users\Petr\AppData\Local\Data aplikacÝ
2017-11-28 23:44 . 2017-11-28 23:45 -------- d-----w- C:\zoek
2017-11-26 21:02 . 2017-11-26 21:27 -------- d-----w- c:\programdata\RogueKiller
2017-11-26 20:59 . 2017-11-26 20:59 -------- d-----w- c:\programdata\Sophos
2017-11-26 20:58 . 2017-11-26 20:58 -------- d-----w- c:\program files (x86)\Sophos
2017-11-26 08:45 . 2017-11-29 21:49 -------- d-----w- c:\program files (x86)\7-Zip
2017-11-25 22:42 . 2017-11-29 21:34 -------- d-----w- c:\program files (x86)\Secunia
2017-11-25 21:01 . 2017-11-25 21:01 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2017-11-18 10:49 . 2017-11-18 10:49 -------- d-----w- c:\program files (x86)\AMD
2017-11-18 10:48 . 2017-11-18 10:48 -------- d-----w- c:\program files\Common Files\ATI Technologies
2017-11-18 09:38 . 2017-09-29 09:10 1057976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{127DE711-7649-4B6C-ADEF-99EF32A3805C}\gapaengine.dll
2017-11-16 19:48 . 2017-11-16 19:48 -------- d-----w- c:\program files\Malwarebytes
2017-11-16 19:24 . 2017-11-16 19:24 -------- d-----w- c:\users\Petr\AppData\Local\RadeonInstaller
2017-11-16 19:18 . 2017-11-16 19:40 122848 ----a-w- c:\windows\system32\RtNicProp64.dll
2017-11-16 19:18 . 2017-11-16 19:40 1074792 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2017-11-16 19:16 . 2017-11-16 19:16 3677160 ----a-w- c:\windows\system32\RTSnMg64.cpl
2017-11-16 00:46 . 2017-11-16 00:46 15948200 ----a-w- c:\windows\system32\atidxx64.dll
2017-11-16 00:46 . 2017-11-16 00:46 13141432 ----a-w- c:\windows\SysWow64\atidxx32.dll
2017-11-16 00:46 . 2017-11-16 00:46 9936 ----a-w- c:\windows\system32\detoured.dll
2017-11-16 00:46 . 2017-11-16 00:46 9936 ----a-w- c:\windows\SysWow64\detoured.dll
2017-11-16 00:46 . 2017-11-16 00:46 1931920 ----a-w- c:\windows\system32\aticfx64.dll
2017-11-16 00:46 . 2017-11-16 00:46 195888 ----a-w- c:\windows\system32\atiuxp64.dll
2017-11-16 00:46 . 2017-11-16 00:46 161344 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2017-11-16 00:46 . 2017-11-16 00:46 1541080 ----a-w- c:\windows\SysWow64\aticfx32.dll
2017-11-16 00:44 . 2017-11-16 00:44 405384 ----a-w- c:\windows\system32\atieah64.exe
2017-11-16 00:43 . 2017-11-16 00:43 148360 ----a-w- c:\windows\system32\atisamu64.dll
2017-11-16 00:42 . 2017-11-16 00:42 543624 ----a-w- c:\windows\system32\amdmcl64.dll
2017-11-16 00:42 . 2017-11-16 00:42 373640 ----a-w- c:\windows\SysWow64\amdmcl32.dll
2017-11-16 00:42 . 2017-11-16 00:42 28929416 ----a-w- c:\windows\SysWow64\atioglxx.dll
2017-11-15 10:13 . 2017-10-18 02:34 134376 ----a-w- c:\windows\system32\CompatTelRunner.exe
2017-11-15 10:13 . 2017-10-18 02:30 605184 ----a-w- c:\windows\system32\aeinv.dll
2017-11-15 10:13 . 2017-10-15 22:04 407392 ----a-w- c:\windows\system32\centel.dll
2017-11-15 10:13 . 2017-10-04 13:04 670208 ----a-w- c:\windows\system32\generaltel.dll
2017-11-15 10:13 . 2017-10-04 13:04 603648 ----a-w- c:\windows\system32\devinv.dll
2017-11-15 10:13 . 2017-10-04 13:04 370688 ----a-w- c:\windows\system32\invagent.dll
2017-11-15 10:13 . 2017-10-04 13:04 241664 ----a-w- c:\windows\system32\aepic.dll
2017-11-15 10:13 . 2017-10-04 13:04 2023936 ----a-w- c:\windows\system32\aitstatic.exe
2017-11-15 10:13 . 2017-10-04 13:04 181760 ----a-w- c:\windows\system32\acmigration.dll
2017-11-15 10:13 . 2017-10-04 13:04 1570304 ----a-w- c:\windows\system32\appraiser.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-12-02 18:24 . 2016-08-19 15:31 65536 ----a-w- c:\windows\system32\spu_storage.bin
2017-11-20 20:32 . 2015-08-27 12:57 545440 ----a-w- c:\windows\system32\MpSigStub.exe
2017-11-16 19:40 . 2015-08-27 12:18 118816 ----a-w- c:\windows\system32\RTNUninst64.dll
2017-11-16 19:13 . 2017-10-12 13:08 127017032 -c--a-w- c:\windows\system32\MRT-KB890830.exe
2017-11-16 19:13 . 2015-08-30 11:53 127017032 -c--a-w- c:\windows\system32\MRT.exe
2017-11-16 00:45 . 2017-07-04 22:37 223112 ----a-w- c:\windows\system32\atig6txx.dll
2017-11-16 00:45 . 2017-07-04 22:37 144776 ----a-w- c:\windows\system32\atig6pxx.dll
2017-11-16 00:44 . 2017-04-03 22:22 1454984 ----a-w- c:\windows\system32\atiadlxx.dll
2017-11-16 00:42 . 2017-07-04 22:35 35220872 ----a-w- c:\windows\system32\atio6axx.dll
2017-09-29 09:10 . 2015-08-30 12:20 1057976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2017-09-13 23:20 . 2017-09-13 23:20 798008 ----a-w- c:\windows\SysWow64\vulkan-1-1-0-61-0.dll
2017-09-13 23:20 . 2017-07-19 13:22 798008 ----a-w- c:\windows\SysWow64\vulkan-1.dll
2017-09-13 23:20 . 2017-09-13 23:20 490296 ----a-w- c:\windows\SysWow64\vulkaninfo-1-1-0-61-0.exe
2017-09-13 23:20 . 2017-07-19 13:22 490296 ----a-w- c:\windows\SysWow64\vulkaninfo.exe
2017-09-13 23:19 . 2017-09-13 23:19 927544 ----a-w- c:\windows\system32\vulkan-1-1-0-61-0.dll
2017-09-13 23:19 . 2017-07-19 13:22 927544 ----a-w- c:\windows\system32\vulkan-1.dll
2017-09-13 23:19 . 2017-09-13 23:19 591160 ----a-w- c:\windows\system32\vulkaninfo-1-1-0-61-0.exe
2017-09-13 23:19 . 2017-07-19 13:22 591160 ----a-w- c:\windows\system32\vulkaninfo.exe
2017-09-13 15:33 . 2017-10-11 13:41 631176 ----a-w- c:\windows\system32\winresume.efi
2017-09-13 15:32 . 2017-10-11 13:41 706792 ----a-w- c:\windows\system32\winload.efi
2017-09-13 15:32 . 2017-10-11 13:41 5547752 ----a-w- c:\windows\system32\ntoskrnl.exe
2017-09-13 15:32 . 2017-10-11 13:41 95464 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2017-09-13 15:32 . 2017-10-11 13:41 154856 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2017-09-13 15:31 . 2017-10-11 13:41 1732864 ----a-w- c:\windows\system32\ntdll.dll
2017-09-13 15:28 . 2017-10-11 13:41 448512 ----a-w- c:\windows\system32\wlansec.dll
2017-09-13 15:28 . 2017-10-11 13:41 414208 ----a-w- c:\windows\system32\wlanmsm.dll
2017-09-13 15:28 . 2017-10-11 13:41 886272 ----a-w- c:\windows\system32\wlansvc.dll
2017-09-13 15:28 . 2017-10-11 13:41 118784 ----a-w- c:\windows\system32\wlanhlp.dll
2017-09-13 15:28 . 2017-10-11 13:41 113664 ----a-w- c:\windows\system32\wlanapi.dll
2017-09-13 15:28 . 2017-10-11 13:41 362496 ----a-w- c:\windows\system32\wow64win.dll
2017-09-13 15:28 . 2017-10-11 13:41 215552 ----a-w- c:\windows\system32\winsrv.dll
2017-09-13 15:28 . 2017-10-11 13:41 243712 ----a-w- c:\windows\system32\wow64.dll
2017-09-13 15:28 . 2017-10-11 13:41 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2017-09-13 15:28 . 2017-10-11 13:41 86528 ----a-w- c:\windows\system32\TSpkg.dll
2017-09-13 15:28 . 2017-10-11 13:41 210432 ----a-w- c:\windows\system32\wdigest.dll
2017-09-13 15:28 . 2017-10-11 13:41 503808 ----a-w- c:\windows\system32\srcore.dll
2017-09-13 15:28 . 2017-10-11 13:41 135680 ----a-w- c:\windows\system32\sspicli.dll
2017-09-13 15:28 . 2017-10-11 13:41 50176 ----a-w- c:\windows\system32\srclient.dll
2017-09-13 15:28 . 2017-10-11 13:41 28672 ----a-w- c:\windows\system32\sspisrv.dll
2017-09-13 15:28 . 2017-10-11 13:41 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2017-09-13 15:28 . 2017-10-11 13:41 1212928 ----a-w- c:\windows\system32\rpcrt4.dll
2017-09-13 15:28 . 2017-10-11 13:41 345600 ----a-w- c:\windows\system32\schannel.dll
2017-09-13 15:28 . 2017-10-11 13:41 190464 ----a-w- c:\windows\system32\rpchttp.dll
2017-09-13 15:28 . 2017-10-11 13:41 28160 ----a-w- c:\windows\system32\secur32.dll
2017-09-13 15:28 . 2017-10-11 13:41 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2017-09-13 15:28 . 2017-10-11 13:41 312320 ----a-w- c:\windows\system32\ncrypt.dll
2017-09-13 15:28 . 2017-10-11 13:41 1068544 ----a-w- c:\windows\system32\msctf.dll
2017-09-13 15:28 . 2017-10-11 13:41 316928 ----a-w- c:\windows\system32\msv1_0.dll
2017-09-13 15:28 . 2017-10-11 13:41 60416 ----a-w- c:\windows\system32\msobjs.dll
2017-09-13 15:28 . 2017-10-11 13:41 146432 ----a-w- c:\windows\system32\msaudite.dll
2017-09-13 15:27 . 2017-10-11 13:41 731648 ----a-w- c:\windows\system32\kerberos.dll
2017-09-13 15:27 . 2017-10-11 13:41 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2017-09-13 15:27 . 2017-10-11 13:41 1163264 ----a-w- c:\windows\system32\kernel32.dll
2017-09-13 15:27 . 2017-10-11 13:41 419840 ----a-w- c:\windows\system32\KernelBase.dll
2017-09-13 15:27 . 2017-10-11 13:41 44032 ----a-w- c:\windows\system32\csrsrv.dll
2017-09-13 15:27 . 2017-10-11 13:41 43520 ----a-w- c:\windows\system32\cryptbase.dll
2017-09-13 15:27 . 2017-10-11 13:41 22016 ----a-w- c:\windows\system32\credssp.dll
2017-09-13 15:27 . 2017-10-11 13:41 463872 ----a-w- c:\windows\system32\certcli.dll
2017-09-13 15:27 . 2017-10-11 13:41 880640 ----a-w- c:\windows\system32\advapi32.dll
2017-09-13 15:27 . 2017-10-11 13:41 123904 ----a-w- c:\windows\system32\bcrypt.dll
2017-09-13 15:27 . 2017-10-11 13:41 59904 ----a-w- c:\windows\system32\appidapi.dll
2017-09-13 15:27 . 2017-10-11 13:41 34816 ----a-w- c:\windows\system32\appidsvc.dll
2017-09-13 15:27 . 2017-10-11 13:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 6656 ----a-w- c:\windows\system32\apisetschema.dll
2017-09-13 15:27 . 2017-10-11 13:41 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 690688 ----a-w- c:\windows\system32\adtschema.dll
2017-09-13 15:13 . 2017-10-11 13:41 4001512 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2017-09-13 15:13 . 2017-10-11 13:41 3945704 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2017-09-13 15:10 . 2017-10-11 13:41 1314112 ----a-w- c:\windows\SysWow64\ntdll.dll
2017-09-13 15:09 . 2017-10-11 13:41 666112 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2017-09-13 15:09 . 2017-10-11 13:41 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2017-09-13 15:09 . 2017-10-11 13:41 275456 ----a-w- c:\windows\SysWow64\KernelBase.dll
2017-09-13 15:09 . 2017-10-11 13:41 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2017-09-13 15:09 . 2017-10-11 13:41 392704 ----a-w- c:\windows\SysWow64\wlansec.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\windows\system32\drivers\mbae64.sys;c:\windows\SYSNATIVE\drivers\mbae64.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys;c:\windows\SYSNATIVE\DRIVERS\lv302a64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
R3 MBAMFarflt;MBAMFarflt;c:\windows\system32\DRIVERS\farflt.sys;c:\windows\SYSNATIVE\DRIVERS\farflt.sys [x]
R3 MBAMProtection;MBAMProtection;c:\windows\system32\DRIVERS\mbam.sys;c:\windows\SYSNATIVE\DRIVERS\mbam.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\Drivers\mbamswissarmy.sys;c:\windows\SYSNATIVE\Drivers\mbamswissarmy.sys [x]
R3 MBAMWebProtection;MBAMWebProtection;c:\windows\system32\DRIVERS\mwac.sys;c:\windows\SYSNATIVE\DRIVERS\mwac.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 amdide64;amdide64;c:\windows\system32\DRIVERS\amdide64.sys;c:\windows\SYSNATIVE\DRIVERS\amdide64.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ei2c;ei2c;c:\windows\system32\drivers\ei2c.sys;c:\windows\SYSNATIVE\drivers\ei2c.sys [x]
S2 mi2c;mi2c;c:\windows\system32\drivers\mi2c.sys;c:\windows\SYSNATIVE\drivers\mi2c.sys [x]
S2 WsAppService;Wondershare Application Framework Service;c:\program files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe;c:\program files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 KYEKBPRO;IMPERATOR PRO Gaming Keyboard;c:\windows\system32\drivers\KYEKBPRO.sys;c:\windows\SYSNATIVE\drivers\KYEKBPRO.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
LocalDriverService REG_MULTI_SZ LDrvSvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2017-11-16 18381792]
"msseces"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-29 1337000]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
IE: S10 Autologin
IE: S10 Autotype...
TCP: Interfaces\{9317833D-D4B3-4B9C-8B06-9B224515606B}: NameServer = 94.74.192.252,8.8.8.8
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
ShellIconOverlayIdentifiers-{05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
ShellIconOverlayIdentifiers-{0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
SafeBoot-MBAMService
ShellIconOverlayIdentifiers-{056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
ShellIconOverlayIdentifiers-{05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
ShellIconOverlayIdentifiers-{0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Celkový čas: 2017-12-02 20:21:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2017-12-02 19:21
ComboFix2.txt 2017-11-29 00:15
.
Před spuštěním: Volných bajtů: 642 612 158 464
Po spuštění: Volných bajtů: 641 086 513 152
.
- - End Of File - - 30E79056A92531F311275255223CE888
A36C5E4F47E84449FF07ED3517B43A31


aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2017-12-02 20:22:13
-----------------------------
20:22:13.830 OS Version: Windows x64 6.1.7601 Service Pack 1
20:22:13.830 Number of processors: 4 586 0x503
20:22:13.830 ComputerName: PETR-PC UserName: Petr
20:22:15.468 Initialize success
20:22:15.515 VM: initialized successfully
20:22:15.515 VM: Amd CPU BiosDisabled
20:23:27.153 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
20:23:27.153 Disk 0 Vendor: WDC_WD10EZEX-00BN5A0 01.01A01 Size: 953869MB BusType: 3
20:23:27.309 Disk 0 MBR read successfully
20:23:27.309 Disk 0 MBR scan
20:23:27.309 Disk 0 Windows 7 default MBR code
20:23:27.309 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
20:23:27.309 Disk 0 Boot: NTFS code=2
20:23:27.324 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 208848
20:23:27.324 Disk 0 scanning C:\Windows\system32\drivers
20:23:34.859 Service scanning
20:23:45.795 Modules scanning
20:23:45.795 Disk 0 trace - called modules:
20:23:46.309 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS amdide64.sys PCIIDEX.SYS hal.dll atapi.sys
20:23:46.309 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004dd9060]
20:23:46.309 3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> [0xfffffa8004b4e520]
20:23:46.309 5 ACPI.sys[fffff88000e947a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa8004b40680]
20:23:46.309 Disk 0 statistics 93034/0/0 @ 10,75 MB/s
20:23:46.325 Scan finished successfully
20:23:53.251 Disk 0 MBR has been saved successfully to "C:\Users\Petr\Desktop\MBR.dat"
20:23:53.283 The log file has been saved successfully to "C:\Users\Petr\Desktop\aswMBR.txt"

S příkazovým řádkem nakládat opatrně..

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Jaké jsou nyní problémy?
Zadal sis téma do sekce BSOD?

Smrt tentokrat neprisla, mam problem jeste se samovolnym vypinanim pc (po tomto combofixu nevim, ale dost mozne ze furt), proste atvrdo jak kdybys to vythl ze zasuvky, myslel jsme ze se t odeje jen pri online filmach, vcera uz to dela i s normalnim filmem na plose po delsi dobe, u online trva rychleji, a pri hrani taky se to uz deje, jeto divne nechapu proc pc jsem vysal, deska,zdroje a procestor jsou stare kurvy, asi uz je treba vymena



ComboFix 17-11-14.01 - Petr 03.12.2017 12:27:42.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4094.2798 [GMT 1:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petr\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.33.7\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.33.7\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.33.7\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.33.7\GoogleUpdateCore.exe
c:\program files (x86)\Google\Update\1.3.33.7\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.33.7\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.33.7\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.33.7\GoogleUpdateWebPlugin.exe
c:\program files (x86)\Google\Update\1.3.33.7\goopdate.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.33.7\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.33.7\psmachine.dll
c:\program files (x86)\Google\Update\1.3.33.7\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.33.7\psuser.dll
c:\program files (x86)\Google\Update\1.3.33.7\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.33.7\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\62.0.3202.94\62.0.3202.94_chrome_installer.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-11-03 do 2017-12-03 )))))))))))))))))))))))))))))))
.
.
2017-12-03 11:33 . 2017-12-03 11:33 -------- d-----w- c:\users\Public\AppData\Local\temp
2017-12-03 11:33 . 2017-12-03 11:33 -------- d-----w- c:\users\Petr\AppData\Local\temp
2017-12-03 11:33 . 2017-12-03 11:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-12-02 23:05 . 2017-12-02 23:05 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B6FC7823-863B-45B1-89A5-228CB8D689CD}\offreg.896.dll
2017-12-02 22:40 . 2017-12-02 22:45 -------- d-----w- c:\users\Petr\AppData\Local\AMD
2017-12-02 22:37 . 2017-12-02 22:37 -------- d-----w- c:\program files (x86)\AMD
2017-12-02 22:36 . 2017-12-02 22:36 -------- d-----w- c:\program files\Common Files\ATI Technologies
2017-12-02 22:34 . 2017-09-13 23:20 798008 ----a-w- c:\windows\SysWow64\vulkan-1.dll
2017-12-02 22:34 . 2017-09-13 23:20 490296 ----a-w- c:\windows\SysWow64\vulkaninfo.exe
2017-12-02 22:34 . 2017-09-13 23:19 927544 ----a-w- c:\windows\system32\vulkan-1.dll
2017-12-02 22:34 . 2017-09-13 23:19 591160 ----a-w- c:\windows\system32\vulkaninfo.exe
2017-12-02 22:34 . 2017-12-02 22:34 -------- d-----w- c:\program files (x86)\VulkanRT
2017-12-02 22:21 . 2017-10-30 09:27 13771264 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B6FC7823-863B-45B1-89A5-228CB8D689CD}\mpengine.dll
2017-12-02 19:41 . 2017-12-02 22:15 -------- d-----w- c:\program files (x86)\SpeedFan
2017-12-02 19:22 . 2017-10-30 09:27 13771264 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2017-12-02 19:17 . 2017-12-02 19:17 20250624 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2017-12-02 17:50 . 2017-12-02 17:50 5200384 ----a-w- c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programy\VITSOFT\Vit Registry Fix\aswmbr.exe
2017-12-02 17:50 . 2017-12-02 17:50 5200384 ----a-w- c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VITSOFT\Vit Registry Fix\aswmbr.exe
2017-12-02 17:50 . 2017-12-02 17:50 8187336 ----a-w- c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programy\VITSOFT\Vit Registry Fix\adwcleaner_7.0.5.0.exe
2017-12-02 17:50 . 2017-12-02 17:50 8187336 ----a-w- c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VITSOFT\Vit Registry Fix\adwcleaner_7.0.5.0.exe
2017-11-28 23:48 . 2017-11-29 21:52 -------- d-----w- c:\program files (x86)\Zemana AntiMalware
2017-11-28 23:46 . 2017-11-28 23:46 -------- d-----w- c:\users\Petr\AppData\Local\Zemana
2017-11-28 23:44 . 2017-11-28 23:44 -------- d-----w- c:\users\Petr\AppData\Local\Data aplikacÝ
2017-11-28 23:44 . 2017-11-28 23:45 -------- d-----w- C:\zoek
2017-11-28 01:05 . 2017-11-28 01:05 15951808 ----a-w- c:\windows\system32\atidxx64.dll
2017-11-28 01:05 . 2017-11-28 01:05 13145552 ----a-w- c:\windows\SysWow64\atidxx32.dll
2017-11-28 01:05 . 2017-11-28 01:05 1931920 ----a-w- c:\windows\system32\aticfx64.dll
2017-11-28 01:05 . 2017-11-28 01:05 1541080 ----a-w- c:\windows\SysWow64\aticfx32.dll
2017-11-28 01:05 . 2017-11-28 01:05 9936 ----a-w- c:\windows\SysWow64\detoured.dll
2017-11-28 01:05 . 2017-11-28 01:05 9936 ----a-w- c:\windows\system32\detoured.dll
2017-11-28 01:05 . 2017-11-28 01:05 195888 ----a-w- c:\windows\system32\atiuxp64.dll
2017-11-28 01:05 . 2017-11-28 01:05 161344 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2017-11-28 01:03 . 2017-11-28 01:03 12084104 ----a-w- c:\windows\system32\amdmantle64.dll
2017-11-28 01:02 . 2017-11-28 01:02 436616 ----a-w- c:\windows\system32\amdgfxinfo64.dll
2017-11-28 01:01 . 2017-11-28 01:01 35220872 ----a-w- c:\windows\system32\atio6axx.dll
2017-11-26 21:02 . 2017-11-26 21:27 -------- d-----w- c:\programdata\RogueKiller
2017-11-26 20:59 . 2017-11-26 20:59 -------- d-----w- c:\programdata\Sophos
2017-11-26 20:58 . 2017-11-26 20:58 -------- d-----w- c:\program files (x86)\Sophos
2017-11-26 08:45 . 2017-11-29 21:49 -------- d-----w- c:\program files (x86)\7-Zip
2017-11-25 22:42 . 2017-11-29 21:34 -------- d-----w- c:\program files (x86)\Secunia
2017-11-25 21:01 . 2017-11-25 21:01 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2017-11-18 09:38 . 2017-09-29 09:10 1057976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{127DE711-7649-4B6C-ADEF-99EF32A3805C}\gapaengine.dll
2017-11-16 19:48 . 2017-11-16 19:48 -------- d-----w- c:\program files\Malwarebytes
2017-11-16 19:24 . 2017-11-16 19:24 -------- d-----w- c:\users\Petr\AppData\Local\RadeonInstaller
2017-11-16 19:18 . 2017-11-16 19:40 122848 ----a-w- c:\windows\system32\RtNicProp64.dll
2017-11-16 19:18 . 2017-11-16 19:40 1074792 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2017-11-16 19:16 . 2017-11-16 19:16 3677160 ----a-w- c:\windows\system32\RTSnMg64.cpl
2017-11-15 10:13 . 2017-10-18 02:34 134376 ----a-w- c:\windows\system32\CompatTelRunner.exe
2017-11-15 10:13 . 2017-10-18 02:30 605184 ----a-w- c:\windows\system32\aeinv.dll
2017-11-15 10:13 . 2017-10-15 22:04 407392 ----a-w- c:\windows\system32\centel.dll
2017-11-15 10:13 . 2017-10-04 13:04 670208 ----a-w- c:\windows\system32\generaltel.dll
2017-11-15 10:13 . 2017-10-04 13:04 603648 ----a-w- c:\windows\system32\devinv.dll
2017-11-15 10:13 . 2017-10-04 13:04 370688 ----a-w- c:\windows\system32\invagent.dll
2017-11-15 10:13 . 2017-10-04 13:04 241664 ----a-w- c:\windows\system32\aepic.dll
2017-11-15 10:13 . 2017-10-04 13:04 2023936 ----a-w- c:\windows\system32\aitstatic.exe
2017-11-15 10:13 . 2017-10-04 13:04 181760 ----a-w- c:\windows\system32\acmigration.dll
2017-11-15 10:13 . 2017-10-04 13:04 1570304 ----a-w- c:\windows\system32\appraiser.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-12-03 11:33 . 2016-08-19 15:31 65536 ----a-w- c:\windows\system32\spu_storage.bin
2017-12-02 22:30 . 2015-08-27 12:42 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-12-02 22:30 . 2015-08-27 12:42 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-11-20 20:32 . 2015-08-27 12:57 545440 ----a-w- c:\windows\system32\MpSigStub.exe
2017-11-16 19:40 . 2015-08-27 12:18 118816 ----a-w- c:\windows\system32\RTNUninst64.dll
2017-11-16 19:13 . 2017-10-12 13:08 127017032 -c--a-w- c:\windows\system32\MRT-KB890830.exe
2017-11-16 19:13 . 2015-08-30 11:53 127017032 -c--a-w- c:\windows\system32\MRT.exe
2017-09-29 09:10 . 2015-08-30 12:20 1057976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2017-09-13 23:20 . 2017-09-13 23:20 798008 ----a-w- c:\windows\SysWow64\vulkan-1-1-0-61-0.dll
2017-09-13 23:20 . 2017-09-13 23:20 490296 ----a-w- c:\windows\SysWow64\vulkaninfo-1-1-0-61-0.exe
2017-09-13 23:19 . 2017-09-13 23:19 927544 ----a-w- c:\windows\system32\vulkan-1-1-0-61-0.dll
2017-09-13 23:19 . 2017-09-13 23:19 591160 ----a-w- c:\windows\system32\vulkaninfo-1-1-0-61-0.exe
2017-09-13 15:33 . 2017-10-11 13:41 631176 ----a-w- c:\windows\system32\winresume.efi
2017-09-13 15:32 . 2017-10-11 13:41 706792 ----a-w- c:\windows\system32\winload.efi
2017-09-13 15:32 . 2017-10-11 13:41 5547752 ----a-w- c:\windows\system32\ntoskrnl.exe
2017-09-13 15:32 . 2017-10-11 13:41 95464 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2017-09-13 15:32 . 2017-10-11 13:41 154856 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2017-09-13 15:31 . 2017-10-11 13:41 1732864 ----a-w- c:\windows\system32\ntdll.dll
2017-09-13 15:28 . 2017-10-11 13:41 448512 ----a-w- c:\windows\system32\wlansec.dll
2017-09-13 15:28 . 2017-10-11 13:41 414208 ----a-w- c:\windows\system32\wlanmsm.dll
2017-09-13 15:28 . 2017-10-11 13:41 886272 ----a-w- c:\windows\system32\wlansvc.dll
2017-09-13 15:28 . 2017-10-11 13:41 118784 ----a-w- c:\windows\system32\wlanhlp.dll
2017-09-13 15:28 . 2017-10-11 13:41 113664 ----a-w- c:\windows\system32\wlanapi.dll
2017-09-13 15:28 . 2017-10-11 13:41 362496 ----a-w- c:\windows\system32\wow64win.dll
2017-09-13 15:28 . 2017-10-11 13:41 215552 ----a-w- c:\windows\system32\winsrv.dll
2017-09-13 15:28 . 2017-10-11 13:41 243712 ----a-w- c:\windows\system32\wow64.dll
2017-09-13 15:28 . 2017-10-11 13:41 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2017-09-13 15:28 . 2017-10-11 13:41 86528 ----a-w- c:\windows\system32\TSpkg.dll
2017-09-13 15:28 . 2017-10-11 13:41 210432 ----a-w- c:\windows\system32\wdigest.dll
2017-09-13 15:28 . 2017-10-11 13:41 503808 ----a-w- c:\windows\system32\srcore.dll
2017-09-13 15:28 . 2017-10-11 13:41 135680 ----a-w- c:\windows\system32\sspicli.dll
2017-09-13 15:28 . 2017-10-11 13:41 50176 ----a-w- c:\windows\system32\srclient.dll
2017-09-13 15:28 . 2017-10-11 13:41 28672 ----a-w- c:\windows\system32\sspisrv.dll
2017-09-13 15:28 . 2017-10-11 13:41 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2017-09-13 15:28 . 2017-10-11 13:41 1212928 ----a-w- c:\windows\system32\rpcrt4.dll
2017-09-13 15:28 . 2017-10-11 13:41 345600 ----a-w- c:\windows\system32\schannel.dll
2017-09-13 15:28 . 2017-10-11 13:41 190464 ----a-w- c:\windows\system32\rpchttp.dll
2017-09-13 15:28 . 2017-10-11 13:41 28160 ----a-w- c:\windows\system32\secur32.dll
2017-09-13 15:28 . 2017-10-11 13:41 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2017-09-13 15:28 . 2017-10-11 13:41 312320 ----a-w- c:\windows\system32\ncrypt.dll
2017-09-13 15:28 . 2017-10-11 13:41 1068544 ----a-w- c:\windows\system32\msctf.dll
2017-09-13 15:28 . 2017-10-11 13:41 316928 ----a-w- c:\windows\system32\msv1_0.dll
2017-09-13 15:28 . 2017-10-11 13:41 60416 ----a-w- c:\windows\system32\msobjs.dll
2017-09-13 15:28 . 2017-10-11 13:41 146432 ----a-w- c:\windows\system32\msaudite.dll
2017-09-13 15:27 . 2017-10-11 13:41 731648 ----a-w- c:\windows\system32\kerberos.dll
2017-09-13 15:27 . 2017-10-11 13:41 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2017-09-13 15:27 . 2017-10-11 13:41 1163264 ----a-w- c:\windows\system32\kernel32.dll
2017-09-13 15:27 . 2017-10-11 13:41 419840 ----a-w- c:\windows\system32\KernelBase.dll
2017-09-13 15:27 . 2017-10-11 13:41 44032 ----a-w- c:\windows\system32\csrsrv.dll
2017-09-13 15:27 . 2017-10-11 13:41 43520 ----a-w- c:\windows\system32\cryptbase.dll
2017-09-13 15:27 . 2017-10-11 13:41 22016 ----a-w- c:\windows\system32\credssp.dll
2017-09-13 15:27 . 2017-10-11 13:41 463872 ----a-w- c:\windows\system32\certcli.dll
2017-09-13 15:27 . 2017-10-11 13:41 880640 ----a-w- c:\windows\system32\advapi32.dll
2017-09-13 15:27 . 2017-10-11 13:41 123904 ----a-w- c:\windows\system32\bcrypt.dll
2017-09-13 15:27 . 2017-10-11 13:41 59904 ----a-w- c:\windows\system32\appidapi.dll
2017-09-13 15:27 . 2017-10-11 13:41 34816 ----a-w- c:\windows\system32\appidsvc.dll
2017-09-13 15:27 . 2017-10-11 13:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 6656 ----a-w- c:\windows\system32\apisetschema.dll
2017-09-13 15:27 . 2017-10-11 13:41 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 13:41 690688 ----a-w- c:\windows\system32\adtschema.dll
2017-09-13 15:13 . 2017-10-11 13:41 4001512 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2017-09-13 15:13 . 2017-10-11 13:41 3945704 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2017-09-13 15:10 . 2017-10-11 13:41 1314112 ----a-w- c:\windows\SysWow64\ntdll.dll
2017-09-13 15:09 . 2017-10-11 13:41 666112 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2017-09-13 15:09 . 2017-10-11 13:41 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2017-09-13 15:09 . 2017-10-11 13:41 275456 ----a-w- c:\windows\SysWow64\KernelBase.dll
2017-09-13 15:09 . 2017-10-11 13:41 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2017-09-13 15:09 . 2017-10-11 13:41 392704 ----a-w- c:\windows\SysWow64\wlansec.dll
2017-09-13 15:09 . 2017-10-11 13:41 83968 ----a-w- c:\windows\SysWow64\wlanhlp.dll
2017-09-13 15:09 . 2017-10-11 13:41 80896 ----a-w- c:\windows\SysWow64\wlanapi.dll
2017-09-13 15:09 . 2017-10-11 13:41 428032 ----a-w- c:\windows\SysWow64\wlanmsm.dll
2017-09-13 15:09 . 2017-10-11 13:41 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2017-09-13 15:09 . 2017-10-11 13:41 82944 ----a-w- c:\windows\SysWow64\bcrypt.dll
2017-09-13 15:09 . 2017-10-11 13:41 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\windows\system32\drivers\mbae64.sys;c:\windows\SYSNATIVE\drivers\mbae64.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys;c:\windows\SYSNATIVE\DRIVERS\lv302a64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
R3 MBAMFarflt;MBAMFarflt;c:\windows\system32\DRIVERS\farflt.sys;c:\windows\SYSNATIVE\DRIVERS\farflt.sys [x]
R3 MBAMProtection;MBAMProtection;c:\windows\system32\DRIVERS\mbam.sys;c:\windows\SYSNATIVE\DRIVERS\mbam.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\Drivers\mbamswissarmy.sys;c:\windows\SYSNATIVE\Drivers\mbamswissarmy.sys [x]
R3 MBAMWebProtection;MBAMWebProtection;c:\windows\system32\DRIVERS\mwac.sys;c:\windows\SYSNATIVE\DRIVERS\mwac.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 amdide64;amdide64;c:\windows\system32\DRIVERS\amdide64.sys;c:\windows\SYSNATIVE\DRIVERS\amdide64.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ei2c;ei2c;c:\windows\system32\drivers\ei2c.sys;c:\windows\SYSNATIVE\drivers\ei2c.sys [x]
S2 mi2c;mi2c;c:\windows\system32\drivers\mi2c.sys;c:\windows\SYSNATIVE\drivers\mi2c.sys [x]
S2 WsAppService;Wondershare Application Framework Service;c:\program files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe;c:\program files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 KYEKBPRO;IMPERATOR PRO Gaming Keyboard;c:\windows\system32\drivers\KYEKBPRO.sys;c:\windows\SYSNATIVE\drivers\KYEKBPRO.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
LocalDriverService REG_MULTI_SZ LDrvSvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2017-11-16 18381792]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
IE: S10 Autologin
IE: S10 Autotype...
TCP: Interfaces\{9317833D-D4B3-4B9C-8B06-9B224515606B}: NameServer = 94.74.192.252,8.8.8.8
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
ShellIconOverlayIdentifiers-{05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
ShellIconOverlayIdentifiers-{0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2017-12-03 12:38:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2017-12-03 11:38
ComboFix2.txt 2017-12-02 19:21
ComboFix3.txt 2017-11-29 00:15
.
Před spuštěním: Volných bajtů: 640 768 794 624
Po spuštění: Volných bajtů: 640 466 440 192
.
- - End Of File - - 9975E9266132E4ED59E49C5201EB25DC
A36C5E4F47E84449FF07ED3517B43A31