Please check my log (Solved)

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

jaro3
Security team member

Re: Please check my log

Post by jaro3 » 09 Aug 2020 17:04

Well, I think it's a good antivirus. Those problems with it not being removable, that's marketing.

Let's try to remove it with FRST.

Turn off your antivirus and firewall.
Please download the appropriate version of the program for your system (32-bit/64-bit): Farbar Recovery Scan Tool (FRST)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
another link:
http://www.bleepingcomputer.com/downloa ... scan-tool/
and save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and will be saved on the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

panzeleny
newcomer

Re: Please check my log

Post by panzeleny » 09 Aug 2020 22:03

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-08-2020
Ran by AMD (administrator) on AMD-PC (Gigabyte Technology Co., Ltd. GA-970A-DS3) (09-08-2020 21:59:31)
Running from C:\Users\AMD\Desktop
Loaded Profiles: AMD
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\AMD\AppData\Local\FluxSoftware\Flux\flux.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Shanghai Microvirt Software Technology Co., Ltd. -> ) C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3377440 2020-07-31] (Valve -> Valve Corporation)
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Run: [f.lux] => C:\Users\AMD\AppData\Local\FluxSoftware\Flux\flux.exe [1469968 2020-06-17] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [15900912 2019-06-13] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [371304 2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKLM\...\Print\Monitors\HP bf2a Status Monitor: C:\Windows\system32\hpinkstsbf2aLM.dll [468576 2018-06-20] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP LaserJet MFP M28-M31): C:\Windows\system32\HPDiscoPMbf2a.dll [988808 2018-07-04] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.105\Installer\chrmstp.exe [2020-07-28] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B9AAC73-E2B2-4A77-AA92-0864CA61EB1C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.)
Task: {1A899619-FA76-49AD-AC37-B1A474C9E49E} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe
Task: {2942B1C7-22FE-4673-A8A2-6AC99782BA2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {98C0756F-B3D2-4180-BD57-9E2016949BEB} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe
Task: {9D903DB0-42AB-4CED-A578-23EB15D3392F} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {C1A44417-DABD-458B-8D16-8757ACAEDCB6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4DDC488B-DEC5-422B-9B28-CDECA3975E8E}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-1390535825-3822005023-847873152-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default [2020-08-09]
CHR Extension: (Prezentace) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-08-08]
CHR Extension: (Ochrana Kaspersky) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2020-08-08]
CHR Extension: (Dokumenty) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-08-08]
CHR Extension: (Disk Google) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-08-08]
CHR Extension: (YouTube) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-08-08]
CHR Extension: (Tabulky) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-08-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-08-08]
CHR Extension: (Gmail) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-08-08]
CHR Extension: (Chrome Media Router) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-08-08]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/deta ... ddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/deta ... ddadjhcadd

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-04-25] (BattlEye Innovations e.K. -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-02-06] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6970968 2020-08-07] (Malwarebytes Inc -> Malwarebytes)
R2 MEmuSVC; C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe [85304 2019-07-02] (Shanghai Microvirt Software Technology Co., Ltd. -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2495792 2020-04-08] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3447608 2020-04-08] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2019-06-28] (Even Balance, Inc. -> )
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13587000 2020-07-27] (Adlice -> )
S3 klvssbridge64_19.0.0; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\vssbridge64.exe" [X]
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdhub3; C:\Windows\system32\drivers\amdhub3.sys [160936 2017-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
S3 amdhub31; C:\Windows\system32\drivers\amdhub31.sys [141528 2016-02-26] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc.)
S3 amdxhc31; C:\Windows\system32\drivers\amdxhc31.sys [440536 2016-02-26] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc.)
S3 amdxhci; C:\Windows\system32\drivers\amdxhci.sys [346792 2017-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2020-08-08] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [42256 2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [59360 2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65408 2013-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [39296 2014-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [94208 2013-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [87984 2017-06-13] (Fresco Logic Inc -> Fresco Logic)
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [215608 2016-08-22] (GENESYS LOGIC, INC. -> GenesysLogic)
S3 IaNVMe; C:\Windows\system32\drivers\IaNVMe.sys [125408 2017-05-23] (Intel(R) NVMe Windows Driver -> Intel Corporation)
R0 IaNVMeF; C:\Windows\System32\drivers\IaNVMeF.sys [35808 2017-05-23] (Intel(R) NVMe Windows Driver -> Intel Corporation)
S3 IaRNVMe; C:\Windows\system32\drivers\IaRNVMe.sys [592408 2016-01-22] (Intel(R) Rapid Storage Technology Enterprise -> Intel Corporation)
R0 IaRNVMeF; C:\Windows\System32\drivers\IaRNVMeF.sys [36888 2016-01-22] (Intel(R) Rapid Storage Technology Enterprise -> Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [531584 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [79768 2020-02-09] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [145504 2020-02-09] (Kaspersky Lab -> AO Kaspersky Lab)
S1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1123664 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
S1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81632 2017-11-07] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klwfp; C:\Windows\System32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [211048 2020-02-09] (Kaspersky Lab -> AO Kaspersky Lab)
S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [216056 2020-08-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-08-07] (Malwarebytes Inc -> Malwarebytes)
R1 MEmuDrv; C:\Windows\System32\DRIVERS\MEmuDrv.sys [309952 2019-04-15] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [867328 2009-06-10] (Microsoft Windows -> Ralink Technology Corp.)
S3 nvme; C:\Windows\system32\drivers\nvme.sys [83784 2015-12-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)
R0 nvmeF; C:\Windows\System32\drivers\nvmeF.sys [30776 2015-12-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)
S3 ocznvme; C:\Windows\system32\drivers\ocznvme.sys [99592 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
R0 ocztrimfilter; C:\Windows\System32\drivers\ocztrimfilter.sys [29064 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
R3 RkFlt; C:\Windows\System32\drivers\rkflt.sys [41616 2020-08-09] (Adlice -> )
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
S3 tilfilter; C:\Windows\system32\drivers\TIxHCIlfilter.sys [17672 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S3 tiufilter; C:\Windows\system32\drivers\TIxHCIufilter.sys [23304 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2020-08-09] (Adlice -> )
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [221696 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [294912 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-09 21:59 - 2020-08-09 21:59 - 000017830 _____ C:\Users\AMD\Desktop\FRST.txt
2020-08-09 21:59 - 2020-08-09 21:59 - 000000000 ____D C:\FRST
2020-08-09 21:58 - 2020-08-09 21:58 - 002296320 _____ (Farbar) C:\Users\AMD\Desktop\FRST64.exe
2020-08-09 15:33 - 2020-08-09 15:33 - 000216056 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-08-09 12:03 - 2020-08-09 15:33 - 000041616 _____ C:\Windows\system32\Drivers\rkflt.sys
2020-08-09 12:03 - 2020-08-09 15:33 - 000038032 _____ C:\Windows\system32\Drivers\truesight.sys
2020-08-08 23:42 - 2020-08-09 09:47 - 000052620 _____ C:\Users\AMD\Desktop\MTB.txt
2020-08-08 23:38 - 2020-08-08 23:38 - 000001787 _____ C:\Users\AMD\Desktop\CrystalDiskInfo.lnk
2020-08-08 23:38 - 2020-08-08 23:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2020-08-08 23:38 - 2020-08-08 23:38 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2020-08-08 23:37 - 2020-08-08 23:37 - 004529600 _____ (Crystal Dew World ) C:\Users\AMD\Desktop\CrystalDiskInfo8_7_0.exe
2020-08-08 23:37 - 2020-08-08 23:37 - 000892416 _____ (Farbar) C:\Users\AMD\Desktop\MiniToolBox.exe
2020-08-08 21:24 - 2020-08-08 21:24 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2020-08-08 21:24 - 2020-08-08 21:24 - 000003470 _____ C:\Windows\system32\Tasks\AMHelper
2020-08-08 21:24 - 2020-08-08 21:24 - 000001256 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-08-08 21:24 - 2020-08-08 21:24 - 000001256 _____ C:\ProgramData\Desktop\Zemana AntiMalware.lnk
2020-08-08 21:24 - 2020-08-08 21:24 - 000000000 ____D C:\Users\AMD\AppData\Local\Zemana
2020-08-08 21:24 - 2020-08-08 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-08-08 21:24 - 2020-08-08 21:24 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-08-08 21:22 - 2020-08-08 21:24 - 000000000 ____D C:\Users\AMD\AppData\Local\AMSDK
2020-08-08 21:19 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2020-08-08 21:02 - 2020-08-08 21:16 - 000000000 ____D C:\zoek_backup
2020-08-08 21:00 - 2020-08-08 21:00 - 012795472 _____ (Zemana Ltd. ) C:\Users\AMD\Desktop\AntiMalware_Setup.exe
2020-08-08 20:59 - 2020-08-08 21:00 - 002038755 _____ C:\Users\AMD\Desktop\zoek.exe
2020-08-08 12:37 - 2020-08-08 12:42 - 000000000 ____D C:\ProgramData\RogueKiller
2020-08-08 12:37 - 2020-08-08 12:37 - 000000858 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-08-08 12:37 - 2020-08-08 12:37 - 000000858 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2020-08-08 12:37 - 2020-08-08 12:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-08-08 12:37 - 2020-08-08 12:37 - 000000000 ____D C:\Program Files\RogueKiller
2020-08-08 10:32 - 2020-08-08 10:32 - 000002759 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2020-08-08 10:32 - 2020-08-08 10:32 - 000002759 _____ C:\ProgramData\Desktop\Sophos Virus Removal Tool.lnk
2020-08-08 10:32 - 2020-08-08 10:32 - 000000000 ____D C:\ProgramData\Sophos
2020-08-08 10:32 - 2020-08-08 10:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-08-08 10:32 - 2020-08-08 10:32 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-08-08 10:29 - 2020-08-08 10:29 - 000001862 _____ C:\Users\AMD\Desktop\JRT.txt
2020-08-08 10:24 - 2020-08-08 10:24 - 040314800 _____ (Adlice Software ) C:\Users\AMD\Desktop\RogueKiller_setup.exe
2020-08-08 10:19 - 2020-08-08 10:20 - 206758184 _____ (Sophos Limited) C:\Users\AMD\Desktop\Sophos Virus Removal Tool.exe
2020-08-08 10:18 - 2020-08-08 10:18 - 001790024 _____ (Malwarebytes) C:\Users\AMD\Desktop\JRT.exe
2020-08-07 23:36 - 2020-08-08 15:17 - 000000000 ____D C:\Users\AMD\AppData\Local\CrashDumps
2020-08-07 22:05 - 2020-08-07 22:08 - 000000000 ____D C:\AdwCleaner
2020-08-07 22:00 - 2020-08-08 13:56 - 000000000 ____D C:\Users\AMD\AppData\Local\Adobe
2020-08-07 21:58 - 2020-08-07 21:58 - 000000000 ____D C:\Users\AMD\AppData\Local\CEF
2020-08-07 21:55 - 2020-08-07 21:55 - 008414384 _____ (Malwarebytes) C:\Users\AMD\Desktop\AdwCleaner.exe
2020-08-07 21:54 - 2020-08-07 21:55 - 000448512 _____ (OldTimer Tools) C:\Users\AMD\Desktop\TFC.exe
2020-08-07 21:54 - 2020-08-07 21:54 - 000050688 _____ (Atribune.org) C:\Users\AMD\Desktop\ATF-Cleaner.exe
2020-08-07 09:29 - 2020-08-07 09:29 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-08-07 09:29 - 2020-08-07 09:29 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-08-07 09:29 - 2020-08-07 09:29 - 000001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-08-07 09:29 - 2020-08-07 09:29 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-08-07 09:29 - 2020-08-07 09:29 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-08-07 09:29 - 2020-08-07 09:29 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-08-07 09:28 - 2020-08-07 09:28 - 000000000 ____D C:\Program Files\Malwarebytes
2020-08-07 09:27 - 2020-08-07 09:27 - 002040904 _____ (Malwarebytes) C:\Users\AMD\Desktop\MBSetup.exe
2020-08-07 09:15 - 2020-08-09 09:48 - 000000000 ____D C:\Users\AMD\Desktop\Logy
2020-07-25 15:43 - 2020-07-25 15:43 - 000054348 _____ C:\Users\AMD\Downloads\křepelka kladivo.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-09 22:00 - 2020-04-21 21:01 - 000062742 _____ C:\Windows\ZAM.krnl.trace
2020-08-09 15:40 - 2009-07-14 06:45 - 000033072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-08-09 15:40 - 2009-07-14 06:45 - 000033072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-08-09 15:37 - 2011-04-12 10:34 - 000668138 _____ C:\Windows\system32\perfh005.dat
2020-08-09 15:37 - 2011-04-12 10:34 - 000140798 _____ C:\Windows\system32\perfc005.dat
2020-08-09 15:37 - 2009-07-14 07:13 - 001582262 _____ C:\Windows\system32\PerfStringBackup.INI
2020-08-09 15:37 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-08-09 15:34 - 2019-06-13 01:12 - 000000000 ____D C:\Program Files (x86)\Steam
2020-08-09 15:33 - 2019-06-11 11:12 - 000000000 ____D C:\ProgramData\NVIDIA
2020-08-09 15:33 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-08-08 21:16 - 2019-06-11 10:38 - 000000000 ____D C:\Users\AMD
2020-08-08 13:29 - 2019-06-13 18:33 - 000281688 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2020-08-08 13:29 - 2019-06-13 04:42 - 000281688 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2020-08-08 13:27 - 2019-08-26 08:55 - 000000000 ____D C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2020-08-07 09:13 - 2019-11-08 00:39 - 000000000 ____D C:\Users\AMD\Desktop\tatka
2020-08-07 09:13 - 2019-08-12 07:32 - 000000000 ____D C:\Users\AMD\Desktop\Aloiks
2020-08-07 09:12 - 2019-08-04 13:30 - 000000000 ____D C:\Users\AMD\AppData\Roaming\inkscape
2020-08-07 09:10 - 2019-08-12 07:25 - 000000000 ____D C:\Users\AMD\Desktop\Tonda
2020-08-07 09:07 - 2019-08-11 12:02 - 000000000 ____D C:\Users\AMD\.MemuHyperv
2020-08-07 08:57 - 2019-07-20 08:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Terasoft
2020-08-07 08:56 - 2019-07-14 12:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games
2020-08-07 08:53 - 2019-08-25 14:27 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-08-07 08:39 - 2020-04-23 17:58 - 000001078 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-08-07 08:39 - 2020-04-23 17:58 - 000001078 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-08-07 08:39 - 2019-06-13 01:39 - 000000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-08-07 08:39 - 2019-06-13 01:39 - 000000866 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-07-28 20:07 - 2019-06-13 01:11 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-07-28 20:07 - 2019-06-13 01:11 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-07-28 20:07 - 2019-06-13 01:11 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-07-27 22:16 - 2019-07-18 12:22 - 000000000 ____D C:\ProgramData\HP
2020-07-23 21:34 - 2009-07-14 07:08 - 000032616 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-07-17 17:31 - 2019-06-13 04:42 - 000348360 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2020-07-17 17:30 - 2019-06-13 01:26 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-07-17 17:30 - 2019-06-13 01:18 - 000000000 ____D C:\Users\AMD\AppData\Roaming\Origin
2020-07-17 17:30 - 2019-06-13 01:18 - 000000000 ____D C:\Users\AMD\AppData\Local\Origin
2020-07-17 17:30 - 2019-06-13 01:18 - 000000000 ____D C:\ProgramData\Origin

==================== Files in the root of some directories ========

2020-06-20 11:42 - 2020-06-20 11:42 - 000000727 _____ () C:\Users\AMD\AppData\Local\recently-used.xbel
2020-01-03 21:23 - 2020-01-05 11:37 - 000007602 _____ () C:\Users\AMD\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-08-05 07:18
==================== End of FRST.txt ========================

panzeleny
newcomer

Re: Please check my log

Post by panzeleny » 09 Aug 2020 22:03

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-08-2020
Ran by AMD (09-08-2020 22:00:21)
Running from C:\Users\AMD\Desktop
Windows 7 Professional Service Pack 1 (X64) (2019-06-11 08:38:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1390535825-3822005023-847873152-500 - Administrator - Disabled)
AMD (S-1-5-21-1390535825-3822005023-847873152-1000 - Administrator - Enabled) => C:\Users\AMD
Guest (S-1-5-21-1390535825-3822005023-847873152-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1390535825-3822005023-847873152-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.238 - Adobe)
Albion Online (HKLM-x32\...\SandboxAlbionOnline) (Version: - Sandbox Interactive GmbH)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Autodesk Fusion 360 (HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.6032 - Autodesk, Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 19.06.0006 - Bloody)
Call of Juarez Gunslinger (c) Ubisoft version 1 (HKLM-x32\...\Q2FsbG9mSnVhcmV6R3Vuc2xpbmdlcg==_is1) (Version: 1 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.68 - Piriform)
CrystalDiskInfo 8.7.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.7.0 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.0948 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Discord) (Version: 0.0.305 - Discord Inc.)
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
f.lux (HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Flux) (Version: - f.lux Software LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.105 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
HP Dropbox Plugin (HKLM-x32\...\{7B730D4C-A9F2-42BA-90E9-3B1B1FE22D41}) (Version: 36.0.191.0 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{1E00635B-B22C-4953-BBCC-61BAED7C2D85}) (Version: 43.0.191.0 - HP)
HP FTP Plugin (HKLM-x32\...\{68DC53C1-AEE9-460A-A142-C9E8151F489E}) (Version: 43.0.191.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{B67ABBB5-5C0D-4619-A6D6-BA5A5FA422CC}) (Version: 36.0.191.0 - HP)
HP LaserJet MFP M28-M31 Nápověda (HKLM-x32\...\{0DF6621D-67C2-4E12-A5CF-260E985B8743}) (Version: 0.00.0005 - HP)
HP OneDrive Plugin (HKLM-x32\...\{1DE55A9E-B55D-4943-97B6-064B04A57AE2}) (Version: 36.0.191.0 - HP)
HP SFTP Plugin (HKLM-x32\...\{1F0191BF-E339-4192-85D9-C369CA3FE9F1}) (Version: 43.0.191.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{8775F78E-6414-48E3-98D2-76EBB1B8721F}) (Version: 43.0.191.0 - HP)
I.R.I.S OCR (HKLM-x32\...\{39508F29-1E81-40FC-85DA-3182CB04614E}) (Version: 15.2.10.1114 - HP Inc.)
Inkscape 0.92.4 (HKLM-x32\...\Inkscape) (Version: 0.92.4 - Inkscape Project)
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LibreOffice 6.2.4.2 (HKLM\...\{B8FF8670-C6F4-4868-9DB2-C23324C0E575}) (Version: 6.2.4.2 - The Document Foundation)
Malwarebytes version 4.1.2.73 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.2.73 - Malwarebytes)
MEmu (HKLM-x32\...\MEmu) (Version: 6.2.9.0 - Microvirt Software Technology Co. Ltd.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mount&Blade (HKLM-x32\...\Mount&Blade) (Version: - )
NVIDIA Ovladač HD audia 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 430.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.64 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.67.39484 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 430.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 430.64 - NVIDIA Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.4 - Power Software Ltd)
Project Reality: BF2 (HKLM\...\Project Reality: BF2 (pr)_is1) (Version: v1.5 - Project Reality)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
RogueKiller version 14.6.2.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.6.2.0 - Adlice Software)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Starborne (HKLM\...\{C5FA498D-B21A-46CD-8EC8-2D13A9904C43}) (Version: 1.0.0 - Solid Clouds)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
War Thunder Launcher 1.0.3.171 (HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Základní software zařízení HP LaserJet MFP M28-M31 (HKLM\...\{C9DEFBBD-AC31-4DF6-81C2-385FCAA3B28B}) (Version: 46.2.2636.18185 - HP Inc.)
Zemana AntiMalware verze 3.2.27 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.27 - Zemana)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-07] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-05-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-07] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2019-09-07 08:57 - 2019-09-07 08:57 - 000082432 _____ () [File not signed] [File is in use] C:\Program Files\DAEMON Tools Lite\ToastNotificationControl.dll
2019-07-27 00:00 - 2017-04-17 04:43 - 003852800 ____N () [File not signed] C:\Program Files (x86)\Bloody6\Bloody6\Data\Mouse\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2019-09-07 08:57 - 2019-09-07 08:57 - 000045056 _____ (hardcodet.net) [File not signed] [File is in use] C:\Program Files\DAEMON Tools Lite\Hardcodet.Wpf.TaskbarNotification.dll
2019-09-07 08:57 - 2019-09-07 08:57 - 000112128 _____ (iQmetrix) [File not signed] [File is in use] C:\Program Files\DAEMON Tools Lite\QuickConverter.dll
2017-08-16 01:33 - 2017-08-16 01:33 - 001265664 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\HP\Common\HPDestPlgIn\LIBEAY32.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\47866901.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\47866901.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2020-08-08 21:04 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\HP\Common\HPDestPlgIn\;C:\Program Files (x86)\HP\IdrsOCR_15.2.10.1114\
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FA467B84-D05A-4A3A-94D6-F49C790490AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1892998B-26C2-4C30-899E-9C6E70BE3826}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6E9FA549-20F8-4A1A-9B00-33693FE6D05F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4BC69576-FFAC-485D-9D2A-927D8D65360D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8597EA23-2738-4493-8D34-25F0BC9A87A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{3D279155-B7BC-4428-BD0B-50CAA5036F93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{203375B0-CED8-4E6C-AB88-49DB8AD50360}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe (CD Projekt RED) [File not signed]
FirewallRules: [{9B952905-5A00-4669-9B9B-FE10699A6AAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe (CD Projekt RED) [File not signed]
FirewallRules: [{752211C3-2501-4E02-9AD5-9E97A12974DB}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{E0870458-A29B-4D7B-9747-05894279737C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{391B397F-BDCF-457E-81C2-C559EB34289F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{12B1C644-5E41-4355-BF14-642CD1E359FE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{E43E4DB1-B8A3-40AF-8FDE-8E315CC972E6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{CE361ECC-E131-460E-9C63-7D210445B376}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{F8A4B524-23F0-4625-86EE-0EE102C08488}E:\program files\hry\far cry 3\bin\farcry3.exe] => (Allow) E:\program files\hry\far cry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{764ED1A5-5E9A-480D-8804-91169A9FA883}E:\program files\hry\far cry 3\bin\farcry3.exe] => (Allow) E:\program files\hry\far cry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{3F21A16B-68A7-45F8-8BF5-9D6B01FF908F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{88D1EA77-D79F-406F-9353-C243D6BE99E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [TCP Query User{88B29DC3-70E0-4CFA-89CB-361F25361641}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe () [File not signed]
FirewallRules: [UDP Query User{B72BB049-C7B9-4F42-B552-B19294D8C225}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe () [File not signed]
FirewallRules: [{73C85418-B687-4D0A-92FF-2F139B23369B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0878B140-B9F8-4013-9329-58675AF53027}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F623B544-8312-43BA-B9C7-996C972A7C98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed Rogue\ACC.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{B8D381F4-6C83-4C59-9744-5480330880CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed Rogue\ACC.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{E5E6B632-EB09-4181-A19C-0B33197492F8}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{6C1EE169-8BAF-490B-A498-B5AAC10FEFD1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{E29E9E08-A1F4-4D2D-834D-9291EF1A45E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conqueror's Blade\ConquerorsBladeSteamLoader.exe (Mail.Ru LLC -> )
FirewallRules: [{7837D799-BBD0-4A09-B7BF-7E37E8E562BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conqueror's Blade\ConquerorsBladeSteamLoader.exe (Mail.Ru LLC -> )
FirewallRules: [TCP Query User{1AABAC4D-CCCF-4B4A-8DF0-223F30341400}C:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [UDP Query User{58C853D1-E214-4607-8D7B-5714035040A8}C:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [{29E4ADDA-AFFE-4807-B24A-FF33AB884B41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3Launcher.exe () [File not signed]
FirewallRules: [{F9B13AF3-FC5E-4C69-936E-8F29D8AF5AC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3Launcher.exe () [File not signed]
FirewallRules: [{A8E4DD22-FA87-426B-80B8-D7FBF382E04B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Empires Apart\autorun.exe (Slitherine Ltd -> Slitherine Publishing Ltd.)
FirewallRules: [{34E410C3-C8A4-4E45-8939-79F86829CECC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Empires Apart\autorun.exe (Slitherine Ltd -> Slitherine Publishing Ltd.)
FirewallRules: [TCP Query User{468B639A-FA0E-4746-A815-07D5DC05B5D2}C:\program files (x86)\steam\steamapps\common\empires apart\impero\binaries\win64\impero-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\empires apart\impero\binaries\win64\impero-win64-shipping.exe (Slitherine Ltd -> DESTINYbit)
FirewallRules: [UDP Query User{9CC2A117-DF1F-4C94-8E51-3F2E1F7F9DC3}C:\program files (x86)\steam\steamapps\common\empires apart\impero\binaries\win64\impero-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\empires apart\impero\binaries\win64\impero-win64-shipping.exe (Slitherine Ltd -> DESTINYbit)
FirewallRules: [{D6D543C3-28F7-40F4-A02D-2B9758945E99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3.exe () [File not signed]
FirewallRules: [{CF2F57F4-B090-4E75-9EE9-DAE1FC7BEBF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3.exe () [File not signed]
FirewallRules: [{D9B26BB7-EF74-425B-9262-AEC3103BCAEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3_Debug.exe () [File not signed]
FirewallRules: [{105C12BE-FB50-4EA4-A48F-549C8C065107}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3_Debug.exe () [File not signed]
FirewallRules: [{C80D00A2-EFC8-4615-9CC8-A081B796D9EC}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\EWSProxy.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{236BDAFB-D3DC-4257-AFC6-4AE81A9E2224}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{2B5D4F2A-69EB-467E-ACB5-E54F3E466AFD}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{8641151D-CBC2-46A1-96E4-A81ED031D730}] => (Allow) LPort=5357
FirewallRules: [{1C2A93B2-22A1-4109-A272-FC857A096158}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [TCP Query User{1BE2FD95-69F8-4258-BF8E-47D8F3BC8562}C:\program files (x86)\common files\oracle\java\javapath_target_1281610\javaw.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_1281610\javaw.exe
FirewallRules: [UDP Query User{E4C6CA7A-C3B0-4145-9F9A-700DA3BE4D32}C:\program files (x86)\common files\oracle\java\javapath_target_1281610\javaw.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_1281610\javaw.exe
FirewallRules: [{543BC28D-CB40-4F0E-AEE3-D8A8C7114FB5}] => (Allow) C:\Program Files (x86)\Project Reality\Project Reality BF2\prbf2.exe (Wouter Jansen -> )
FirewallRules: [{5365240B-7C47-4E34-B121-CCA57FE1FC0C}] => (Allow) C:\Program Files (x86)\Project Reality\Project Reality BF2\mods\pr\bin\PRLauncher.exe (Wouter Jansen -> Project Reality)
FirewallRules: [{55616E84-A249-4E8B-9BBA-98733792653D}] => (Allow) C:\Program Files (x86)\Project Reality\Project Reality BF2\mods\pr\bin\PRUpdater.exe (Wouter Jansen -> Project Reality)
FirewallRules: [{53B641D9-6D0F-45FA-B143-3B113B81289E}] => (Allow) C:\Program Files (x86)\Project Reality\Project Reality BF2\mods\pr\bin\PRMumble\PRMumble.exe (Wouter Jansen -> Project Reality)
FirewallRules: [TCP Query User{B2293439-60B9-46F8-AFF4-133A2A374F29}C:\users\amd\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\amd\appdata\local\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{7CFEBC40-C68E-4632-8002-9F68EF132066}C:\users\amd\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\amd\appdata\local\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{2428C6F4-8305-4B29-AEAB-4236248A17D6}C:\users\amd\appdata\local\warthunder\win32\aces.exe] => (Allow) C:\users\amd\appdata\local\warthunder\win32\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{F13F4C76-EDEC-4927-B4DD-85556CA8C182}C:\users\amd\appdata\local\warthunder\win32\aces.exe] => (Allow) C:\users\amd\appdata\local\warthunder\win32\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{A2530E8D-2D05-4002-9645-F42F1F49DE3F}C:\users\amd\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\amd\appdata\local\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{166BD7AB-1234-442B-BAF5-666C6918FF93}C:\users\amd\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\amd\appdata\local\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{8F378BC8-0B23-4E66-AFD1-6F9578F41B51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\New Frontier\Launcher.exe (Free Reign Entertainment LLC -> Free Reign Entertainment LLC)
FirewallRules: [{F9A3D9E4-E8CA-42AF-97A9-2C0934A8549C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\New Frontier\Launcher.exe (Free Reign Entertainment LLC -> Free Reign Entertainment LLC)
FirewallRules: [{4AC525B0-4996-478C-AA0E-4E953DD84814}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [{CA80C526-325D-488A-B3DC-7DB46B56490E}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [TCP Query User{EEF370B8-2431-4076-A691-C4B430AF033D}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{D05C5681-9521-4DEC-8A80-3E8EFCC67FD5}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [{A5A0F105-FB71-410C-80D4-2406AAD5023E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{AAF0AAB8-5E17-4420-B3D3-5009B6F16D9D}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{FF693A43-AB49-4A97-8468-3B225578D83D}C:\program files (x86)\sea3d\sea3d.exe] => (Allow) C:\program files (x86)\sea3d\sea3d.exe => No File
FirewallRules: [{C4F205B9-FD51-454D-B7D4-7728DAA2BDB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WW1GameSeries\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{4A63D8BA-F8A2-447B-A9B3-089B6EB5AFF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WW1GameSeries\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{D915B38E-B1EC-45CC-80EE-95BFD66AA385}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

22-03-2020 11:58:25 Naplánovaný kontrolní bod
29-03-2020 22:49:16 Naplánovaný kontrolní bod
08-04-2020 10:31:51 Naplánovaný kontrolní bod
16-04-2020 08:56:35 Naplánovaný kontrolní bod
16-04-2020 09:18:40 Removed Age of Empires III
20-04-2020 18:48:56 JRT Pre-Junkware Removal
20-04-2020 19:51:40 Installed Sophos Virus Removal Tool.
21-04-2020 20:38:29 zoek.exe restore point
23-04-2020 17:59:51 Revo Uninstaller's restore point - Kaspersky Anti-Virus
23-04-2020 21:09:35 Restore Point Created by FRST
01-05-2020 16:38:56 Naplánovaný kontrolní bod
10-05-2020 10:18:41 Naplánovaný kontrolní bod
17-05-2020 10:22:43 Naplánovaný kontrolní bod
24-05-2020 10:54:25 Naplánovaný kontrolní bod
31-05-2020 14:11:43 Naplánovaný kontrolní bod
09-06-2020 09:46:07 Naplánovaný kontrolní bod
16-06-2020 11:34:53 Naplánovaný kontrolní bod
23-06-2020 13:04:27 Naplánovaný kontrolní bod
01-07-2020 21:55:06 Naplánovaný kontrolní bod
09-07-2020 00:00:00 Naplánovaný kontrolní bod
16-07-2020 20:37:17 Naplánovaný kontrolní bod
23-07-2020 21:59:19 Naplánovaný kontrolní bod
31-07-2020 12:45:21 Naplánovaný kontrolní bod
07-08-2020 08:52:08 Revo Uninstaller's restore point - Booking
07-08-2020 08:53:13 Revo Uninstaller's restore point - Kaspersky Secure Connection
07-08-2020 08:54:18 Revo Uninstaller's restore point - Path of Exile
07-08-2020 08:56:12 Revo Uninstaller's restore point - PlanetSide 2
07-08-2020 08:56:58 Revo Uninstaller's restore point - TS Diktáty (plná instalace)
07-08-2020 08:58:53 Revo Uninstaller's restore point - RogueKiller version 14.4.0.0
07-08-2020 09:00:10 Revo Uninstaller's restore point - Sophos Virus Removal Tool
07-08-2020 09:02:53 Revo Uninstaller's restore point - Zemana AntiMalware verze 3.1.495
07-08-2020 09:03:47 Revo Uninstaller's restore point - Malwarebytes version 4.1.2.73
08-08-2020 10:27:35 JRT Pre-Junkware Removal
08-08-2020 10:31:56 Installed Sophos Virus Removal Tool.
08-08-2020 21:03:17 zoek.exe restore point

==================== Faulty Device Manager Devices ============

Name: kldisk
Description: kldisk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: kldisk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Kaspersky Anti-Virus NDIS 6 Filter
Description: Kaspersky Anti-Virus NDIS 6 Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: klim6
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: kltdi
Description: kltdi
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: kltdi
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: klwfp
Description: klwfp
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: klwfp
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: KLwtp - WFP callout traffic inspector
Description: KLwtp - WFP callout traffic inspector
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: klwtp
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: kneps
Description: kneps
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: kneps
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (08/09/2020 03:33:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/09/2020 12:03:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/09/2020 10:50:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/09/2020 10:03:19 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80004005).

Error: (08/09/2020 09:30:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/08/2020 09:20:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/08/2020 03:17:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Game.exe, verze: 1.0.0.0, časové razítko: 0x72454562
Název chybujícího modulu: LS3DF.dll, verze: 0.0.0.0, časové razítko: 0x3ef851b2
Kód výjimky: 0xc0000005
Posun chyby: 0x0005ac2e
ID chybujícího procesu: 0x634
Čas spuštění chybující aplikace: 0x01d66d7af2ca1a36
Cesta k chybující aplikaci: E:\Users\Travnicek\Desktop\Alois\Matouš HDD\hry\Mafia\Game.exe
Cesta k chybujícímu modulu: E:\Users\Travnicek\Desktop\Alois\Matouš HDD\hry\Mafia\LS3DF.dll
ID zprávy: 77023a2f-d979-11ea-a4a7-902b34a84b83

Error: (08/08/2020 10:48:43 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80004005).


System errors:
=============
Error: (08/09/2020 03:33:44 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
klbackupflt
klim6
klpd
kltdi
klwfp
klwtp
kneps

Error: (08/09/2020 03:33:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (08/09/2020 12:03:40 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
klbackupflt
klim6
klpd
kltdi
klwfp
klwtp
kneps

Error: (08/09/2020 12:03:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (08/09/2020 10:50:50 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
klbackupflt
klim6
klpd
kltdi
klwfp
klwtp
kneps

Error: (08/09/2020 10:50:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (08/09/2020 09:30:29 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
klbackupflt
klim6
klpd
kltdi
klwfp
klwtp
kneps

Error: (08/09/2020 09:30:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


Windows Defender:
===================================
Date: 2019-06-13 05:28:04.259
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.16000.6
Předchozí verze modulu:1.1.6402.0
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x8050800c
Popis chyby:Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2019-06-11 11:27:55.586
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.16000.6
Předchozí verze modulu:1.1.6402.0
Zdroj aktualizace:Uživatel
Uživatel:AMD-PC\AMD
Kód chyby:0x8050800c
Popis chyby:Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2019-06-11 11:35:40.318
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronHub3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:35:40.272
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronHub3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:14:38.415
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronXHCI.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:14:38.400
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronXHCI.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:05:24.181
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronXHCI.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:05:24.025
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronXHCI.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:03:29.181
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronXHCI.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:03:29.150
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronXHCI.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F7d 09/09/2014
Motherboard: Gigabyte Technology Co., Ltd. GA-970A-DS3
Processor: AMD Athlon(tm) II X4 640 Processor
Percentage of memory in use: 37%
Total physical RAM: 8189.41 MB
Available physical RAM: 5148.09 MB
Total Virtual: 16376.96 MB
Available Virtual: 12810.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:894.15 GB) (Free:399.84 GB) NTFS
Drive e: (Nový svazek) (Fixed) (Total:1863.01 GB) (Free:1004.66 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive h: () (Removable) (Total:7.49 GB) (Free:0.35 GB) FAT32

\\?\Volume{969d068c-8c23-11e9-a1ca-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 894.3 GB) (Disk ID: C572D69C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=894.2 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 000BFF3D)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0B)

==================== End of Addition.txt =======================


Post by jaro3 » 09 Aug 2020 23:27

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Start
CreateRestorePoint:
CloseProcesses:
Task: {1A899619-FA76-49AD-AC37-B1A474C9E49E} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe
SearchScopes: HKU\S-1-5-21-1390535825-3822005023-847873152-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR Extension: (Ochrana Kaspersky) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2020-08-08]
S3 klvssbridge64_19.0.0; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\vssbridge64.exe" [X]
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [531584 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [79768 2020-02-09] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [145504 2020-02-09] (Kaspersky Lab -> AO Kaspersky Lab)
S1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1123664 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
S1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81632 2017-11-07] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klwfp; C:\Windows\System32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [211048 2020-02-09] (Kaspersky Lab -> AO Kaspersky Lab)
S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
C:\ProgramData\Kaspersky Lab
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\47866901.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\47866901.sys => ""="Driver"

EmptyTemp:
End

(You can use the "select all" function; right-click in the top-left field of the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt.


Run FRST, press the "Fix" button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.

Kaspersky should be gone. Check whether everything is OK. If not, we will continue tomorrow.


Post by panzeleny » 10 Aug 2020 00:04

Unfortunately, the problem persists.

In Revo Uninstaller, McAfee has disappeared from autostart.


Fix result of Farbar Recovery Scan Tool (x64) Version: 09-08-2020
Ran by AMD (09-08-2020 23:53:49) Run:1
Running from C:\Users\AMD\Desktop
Loaded Profiles: AMD
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
Task: {1A899619-FA76-49AD-AC37-B1A474C9E49E} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe
SearchScopes: HKU\S-1-5-21-1390535825-3822005023-847873152-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR Extension: (Ochrana Kaspersky) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2020-08-08]
S3 klvssbridge64_19.0.0; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\vssbridge64.exe" [X]
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [531584 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [79768 2020-02-09] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [145504 2020-02-09] (Kaspersky Lab -> AO Kaspersky Lab)
S1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1123664 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
S1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81632 2017-11-07] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klwfp; C:\Windows\System32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [211048 2020-02-09] (Kaspersky Lab -> AO Kaspersky Lab)
S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
C:\ProgramData\Kaspersky Lab
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\47866901.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\47866901.sys => ""="Driver"

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1A899619-FA76-49AD-AC37-B1A474C9E49E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A899619-FA76-49AD-AC37-B1A474C9E49E}" => removed successfully
C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}" => removed successfully
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully
CHR Extension: (Ochrana Kaspersky) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2020-08-08] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\klvssbridge64_19.0.0 => removed successfully
klvssbridge64_19.0.0 => service removed successfully
HKLM\System\CurrentControlSet\Services\McAfee WebAdvisor => removed successfully
McAfee WebAdvisor => service removed successfully
cm_km => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\cm_km => removed successfully
cm_km => service removed successfully
kl1 => Unable to stop service.
HKLM\System\CurrentControlSet\Services\kl1 => removed successfully
kl1 => service removed successfully
klbackupdisk => Unable to stop service.
HKLM\System\CurrentControlSet\Services\klbackupdisk => removed successfully
klbackupdisk => service removed successfully
"HKLM\System\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}\\UpperFilters" => removed successfully
HKLM\System\CurrentControlSet\Services\klbackupflt => removed successfully
klbackupflt => service removed successfully
HKLM\System\CurrentControlSet\Services\kldisk => removed successfully
kldisk => service removed successfully
klhk => Unable to stop service.
HKLM\System\CurrentControlSet\Services\klhk => removed successfully
klhk => service removed successfully
HKLM\System\CurrentControlSet\Services\klim6 => removed successfully
klim6 => service removed successfully
HKLM\System\CurrentControlSet\Services\klkbdflt => removed successfully
klkbdflt => service removed successfully
klmouflt => Unable to stop service.
HKLM\System\CurrentControlSet\Services\klmouflt => removed successfully
klmouflt => service removed successfully
HKLM\System\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}\\UpperFilters klmouflt => value removed successfully
HKLM\System\CurrentControlSet\Services\klpd => removed successfully
klpd => service removed successfully
HKLM\System\CurrentControlSet\Services\kltdi => removed successfully
kltdi => service removed successfully
HKLM\System\CurrentControlSet\Services\klwfp => removed successfully
klwfp => service removed successfully
HKLM\System\CurrentControlSet\Services\klwtp => removed successfully
klwtp => service removed successfully
HKLM\System\CurrentControlSet\Services\kneps => removed successfully
kneps => service removed successfully
C:\ProgramData\Kaspersky Lab => moved successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\47866901.sys => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\47866901.sys => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 48757444 B
Java, Flash, Steam htmlcache => 152793 B
Windows/system/drivers => 44392 B
Edge => 0 B
Chrome => 379020130 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
AMD => 3890863 B

RecycleBin => 0 B
EmptyTemp: => 419.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:54:31 ====


Post by jaro3 » 10 Aug 2020 16:57

Something that was not in the log was probably left behind.

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire content here
If there are problems, run it in Safe Mode.

Warning: It may happen that after running ComboFix and restarting the computer, Windows does not boot, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.


Post by panzeleny » 10 Aug 2020 23:34

ComboFix 19-11-04.01 - AMD 10.08.2020 22:31:41.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8189.6390 [GMT 2:00]
Spuštěný z: c:\users\AMD\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\security\logs\scecomp.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2020-07-10 do 2020-08-10 )))))))))))))))))))))))))))))))
.
.
2020-08-10 20:43 . 2020-08-10 20:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2020-08-09 19:59 . 2020-08-09 21:55 -------- d-----w- C:\FRST
2020-08-08 21:38 . 2020-08-08 21:38 -------- d-----w- c:\program files\CrystalDiskInfo
2020-08-08 19:24 . 2020-08-08 19:24 -------- d-----w- c:\users\AMD\AppData\Local\Zemana
2020-08-08 19:24 . 2020-08-08 19:24 232792 ----a-w- c:\windows\system32\drivers\amsdk.sys
2020-08-08 19:24 . 2020-08-08 19:24 -------- d-----w- c:\program files (x86)\Zemana
2020-08-08 19:22 . 2020-08-08 19:24 -------- d-----w- c:\users\AMD\AppData\Local\AMSDK
2020-08-08 19:19 . 2020-08-10 20:43 -------- d-----w- c:\users\AMD\AppData\Local\Temp
2020-08-08 19:19 . 2014-02-13 21:59 24064 ----a-w- c:\windows\zoek-delete.exe
2020-08-08 19:02 . 2020-08-08 19:16 -------- d-----w- C:\zoek_backup
2020-08-08 10:37 . 2020-08-10 08:41 -------- d-----w- c:\program files\RogueKiller
2020-08-08 10:37 . 2020-08-08 10:42 -------- d-----w- c:\programdata\RogueKiller
2020-08-08 08:32 . 2020-08-08 08:32 -------- d-----w- c:\programdata\Sophos
2020-08-08 08:32 . 2020-08-08 08:32 -------- d-----w- c:\program files (x86)\Sophos
2020-08-07 21:36 . 2020-08-10 07:30 -------- d-----w- c:\users\AMD\AppData\Local\CrashDumps
2020-08-07 20:05 . 2020-08-07 20:08 -------- d-----w- C:\AdwCleaner
2020-08-07 20:00 . 2020-08-08 11:56 -------- d-----w- c:\users\AMD\AppData\Local\Adobe
2020-08-07 19:58 . 2020-08-07 19:58 -------- d-----w- c:\users\AMD\AppData\Local\CEF
2020-08-07 07:29 . 2020-08-07 07:29 248968 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2020-08-07 07:29 . 2020-08-07 07:29 153312 ----a-w- c:\windows\system32\drivers\mbae64.sys
2020-08-07 07:29 . 2020-08-07 07:29 -------- d-----w- c:\programdata\Malwarebytes
2020-08-07 07:28 . 2020-08-07 07:28 -------- d-----w- c:\program files\Malwarebytes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2020-08-08 11:29 . 2019-06-13 16:33 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2020-08-08 11:29 . 2019-06-13 02:42 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2020-07-17 15:31 . 2019-06-13 02:42 348360 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2020-07-31 3377440]
"f.lux"="c:\users\AMD\AppData\Local\FluxSoftware\Flux\flux.exe" [2020-06-17 1469968]
"CCleaner Smart Cleaning"="c:\program files\CCleaner\CCleaner64.exe" [2020-06-17 28990136]
"Bloody2"="c:\program files (x86)\Bloody6\Bloody6\Bloody6.exe" [2019-06-13 15900912]
"DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2019-09-07 371304]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\MBAMService.exe;c:\program files\Malwarebytes\Anti-Malware\MBAMService.exe [x]
R3 amdhub3;AMD USB 3.0 Hub;c:\windows\system32\drivers\amdhub3.sys;c:\windows\SYSNATIVE\drivers\amdhub3.sys [x]
R3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys;c:\windows\SYSNATIVE\drivers\amdhub30.sys [x]
R3 amdhub31;AMD USB3.1 Hub Service;c:\windows\system32\drivers\amdhub31.sys;c:\windows\SYSNATIVE\drivers\amdhub31.sys [x]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys;c:\windows\SYSNATIVE\drivers\amdxhc.sys [x]
R3 amdxhc31;AMD XHCI Service;c:\windows\system32\drivers\amdxhc31.sys;c:\windows\SYSNATIVE\drivers\amdxhc31.sys [x]
R3 amdxhci;AMD USB3 Host Controller Driver;c:\windows\system32\drivers\amdxhci.sys;c:\windows\SYSNATIVE\drivers\amdxhci.sys [x]
R3 asmthub3;ASMedia USB3.1 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
R3 asmtxhci;ASMedia XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\program files (x86)\EasyAntiCheat\EasyAntiCheat.exe;c:\program files (x86)\EasyAntiCheat\EasyAntiCheat.exe [x]
R3 EtronSTOR;Etron Enhance USB BOT/UASP Mass Storage Driver;c:\windows\System32\Drivers\EtronSTOR.sys;c:\windows\SYSNATIVE\Drivers\EtronSTOR.sys [x]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\drivers\FLxHCIc.sys;c:\windows\SYSNATIVE\drivers\FLxHCIc.sys [x]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\drivers\FLxHCIh.sys;c:\windows\SYSNATIVE\drivers\FLxHCIh.sys [x]
R3 GoogleChromeElevationService;Google Chrome Elevation Service;c:\program files (x86)\Google\Chrome\Application\84.0.4147.105\elevation_service.exe;c:\program files (x86)\Google\Chrome\Application\84.0.4147.105\elevation_service.exe [x]
R3 IaNVMe;IaNVMe;c:\windows\system32\drivers\IaNVMe.sys;c:\windows\SYSNATIVE\drivers\IaNVMe.sys [x]
R3 IaRNVMe;IaRNVMe;c:\windows\system32\drivers\IaRNVMe.sys;c:\windows\SYSNATIVE\drivers\IaRNVMe.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\Drivers\mbamswissarmy.sys;c:\windows\SYSNATIVE\Drivers\mbamswissarmy.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 nvme;nvme;c:\windows\system32\drivers\nvme.sys;c:\windows\SYSNATIVE\drivers\nvme.sys [x]
R3 ocznvme;ocznvme;c:\windows\system32\drivers\ocznvme.sys;c:\windows\SYSNATIVE\drivers\ocznvme.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 IaNVMeF;IaNVMeF;c:\windows\system32\drivers\IaNVMeF.sys;c:\windows\SYSNATIVE\drivers\IaNVMeF.sys [x]
S0 IaRNVMeF;IaRNVMeF;c:\windows\system32\drivers\IaRNVMeF.sys;c:\windows\SYSNATIVE\drivers\IaRNVMeF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 nvmeF;nvmeF;c:\windows\system32\drivers\nvmeF.sys;c:\windows\SYSNATIVE\drivers\nvmeF.sys [x]
S0 ocztrimfilter;SSD Device Filter;c:\windows\system32\drivers\ocztrimfilter.sys;c:\windows\SYSNATIVE\drivers\ocztrimfilter.sys [x]
S1 amsdk;AMSDK Driver;c:\windows\system32\drivers\amsdk.sys;c:\windows\SYSNATIVE\drivers\amsdk.sys [x]
S1 MEmuDrv;MemuHyperv Service;c:\windows\system32\DRIVERS\MEmuDrv.sys;c:\windows\SYSNATIVE\DRIVERS\MEmuDrv.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 MEmuSVC;MEmuSVC;c:\program files (x86)\Microvirt\MEmu\MemuService.exe;c:\program files (x86)\Microvirt\MEmu\MemuService.exe [x]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x]
S2 Origin Web Helper Service;Origin Web Helper Service;c:\program files (x86)\Origin\OriginWebHelperService.exe;c:\program files (x86)\Origin\OriginWebHelperService.exe [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 GeneStor;Genesys Logic Storage Driver;c:\windows\system32\DRIVERS\GeneStor.sys;c:\windows\SYSNATIVE\DRIVERS\GeneStor.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - TrueSight
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
WiaRpc
.
.
.
--------- X64 Entries -----------
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
WiaRpc
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.seznam.cz/
mLocal Page = c:\windows\SYSTEM32\blank.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{d992c12e-cab2-426f-bde3-fb8c53950b0d} - c:\programdata\Package Cache\{d992c12e-cab2-426f-bde3-fb8c53950b0d}\VC_redist.x64.exe
AddRemove-{e2803110-78b3-4664-a479-3611a381656a} - c:\programdata\Package Cache\{e2803110-78b3-4664-a479-3611a381656a}\VC_redist.x86.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7b,da,46,71,e2,5f,ed,48,bf,72,bd,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7b,da,46,71,e2,5f,ed,48,bf,72,bd,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_32_0_0_238_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_32_0_0_238_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_32_0_0_238_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_32_0_0_238_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_32_0_0_238.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.32"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_32_0_0_238.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_32_0_0_238.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_32_0_0_238.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVAST Software]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2020-08-10 22:58:08
ComboFix-quarantined-files.txt 2020-08-10 20:58
.
Před spuštěním: Volných bajtů: 429 207 359 488
Po spuštění: Volných bajtů: 429 065 347 072
.
- - End Of File - - 56B6F6DD3C97A8F73064E54ED7B86085
A36C5E4F47E84449FF07ED3517B43A31


Post by jaro3 » 11 Aug 2020 17:45

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

Code:

ClearJavaCache::
KillAll::
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_32_0_0_238_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_32_0_0_238_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_32_0_0_238_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_32_0_0_238_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_32_0_0_238.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.32"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_32_0_0_238.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_32_0_0_238.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_32_0_0_238.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVAST Software]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)



Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems; in that case restart the computer again; if that does not help, press the F8 key after the restart and then choose Last Known Good Configuration, or use a restore point.

Download SystemLook from one of the links
SystemLook (32-bit)
http://images.malwareremoval.com/jpshor ... emLook.exe


SystemLook (64-bit)
http://images.malwareremoval.com/jpshor ... ok_x64.exe

and save it to the desktop.

Double-click the downloaded SystemLook and copy the following text into the main text window:

Code:

:filefind
klbackupflt.*
klim6.*
klpd.*
kltdi.*
klwfp.*
klwtp.*
kneps.*

:folderfind
Avast
Kaspersky

:regfind
Kaspersky
Avast
klbackupflt
klim6
klpd
kltdi
klwfp
klwtp
kneps


Click Look to start the scan. When the program finishes, the scan report appears in Notepad. Copy its entire content here. The log is also located on the desktop under the name SystemLook.txt.


Post by panzeleny » 11 Aug 2020 23:01

After ComboFix it looked as if it worked, but a few programs did not start in the bottom bar on the right: Steam, flux, Malware, Rogue. They are not shown there. They are not running in the background either.

Unfortunately I cannot try it again right now. I will try early in the morning.







ComboFix 19-11-04.01 - AMD 11.08.2020 22:35:32.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8189.6313 [GMT 2:00]
Spuštěný z: c:\users\AMD\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\AMD\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\security\logs\scecomp.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2020-07-11 do 2020-08-11 )))))))))))))))))))))))))))))))
.
.
2020-08-11 20:40 . 2020-08-11 20:40 41616 ----a-w- c:\windows\system32\drivers\rkflt.sys
2020-08-11 20:40 . 2020-08-11 20:40 38032 ----a-w- c:\windows\system32\drivers\truesight.sys
2020-08-11 20:40 . 2020-08-11 20:40 216056 ----a-w- c:\windows\system32\drivers\MbamChameleon.sys
2020-08-11 20:40 . 2020-08-11 20:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2020-08-09 19:59 . 2020-08-09 21:55 -------- d-----w- C:\FRST
2020-08-08 21:38 . 2020-08-08 21:38 -------- d-----w- c:\program files\CrystalDiskInfo
2020-08-08 19:24 . 2020-08-08 19:24 -------- d-----w- c:\users\AMD\AppData\Local\Zemana
2020-08-08 19:24 . 2020-08-08 19:24 232792 ----a-w- c:\windows\system32\drivers\amsdk.sys
2020-08-08 19:24 . 2020-08-08 19:24 -------- d-----w- c:\program files (x86)\Zemana
2020-08-08 19:22 . 2020-08-08 19:24 -------- d-----w- c:\users\AMD\AppData\Local\AMSDK
2020-08-08 19:19 . 2020-08-11 20:40 -------- d-----w- c:\users\AMD\AppData\Local\Temp
2020-08-08 19:19 . 2014-02-13 21:59 24064 ----a-w- c:\windows\zoek-delete.exe
2020-08-08 19:02 . 2020-08-08 19:16 -------- d-----w- C:\zoek_backup
2020-08-08 10:37 . 2020-08-10 08:41 -------- d-----w- c:\program files\RogueKiller
2020-08-08 10:37 . 2020-08-08 10:42 -------- d-----w- c:\programdata\RogueKiller
2020-08-08 08:32 . 2020-08-08 08:32 -------- d-----w- c:\programdata\Sophos
2020-08-08 08:32 . 2020-08-08 08:32 -------- d-----w- c:\program files (x86)\Sophos
2020-08-07 21:36 . 2020-08-10 07:30 -------- d-----w- c:\users\AMD\AppData\Local\CrashDumps
2020-08-07 20:05 . 2020-08-07 20:08 -------- d-----w- C:\AdwCleaner
2020-08-07 20:00 . 2020-08-08 11:56 -------- d-----w- c:\users\AMD\AppData\Local\Adobe
2020-08-07 19:58 . 2020-08-07 19:58 -------- d-----w- c:\users\AMD\AppData\Local\CEF
2020-08-07 07:29 . 2020-08-07 07:29 248968 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2020-08-07 07:29 . 2020-08-07 07:29 153312 ----a-w- c:\windows\system32\drivers\mbae64.sys
2020-08-07 07:29 . 2020-08-07 07:29 -------- d-----w- c:\programdata\Malwarebytes
2020-08-07 07:28 . 2020-08-07 07:28 -------- d-----w- c:\program files\Malwarebytes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2020-08-08 11:29 . 2019-06-13 16:33 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2020-08-08 11:29 . 2019-06-13 02:42 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2020-07-17 15:31 . 2019-06-13 02:42 348360 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2020-07-31 3377440]
"f.lux"="c:\users\AMD\AppData\Local\FluxSoftware\Flux\flux.exe" [2020-06-17 1469968]
"CCleaner Smart Cleaning"="c:\program files\CCleaner\CCleaner64.exe" [2020-06-17 28990136]
"Bloody2"="c:\program files (x86)\Bloody6\Bloody6\Bloody6.exe" [2019-06-13 15900912]
"DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2019-09-07 371304]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 amdhub3;AMD USB 3.0 Hub;c:\windows\system32\drivers\amdhub3.sys;c:\windows\SYSNATIVE\drivers\amdhub3.sys [x]
R3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys;c:\windows\SYSNATIVE\drivers\amdhub30.sys [x]
R3 amdhub31;AMD USB3.1 Hub Service;c:\windows\system32\drivers\amdhub31.sys;c:\windows\SYSNATIVE\drivers\amdhub31.sys [x]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys;c:\windows\SYSNATIVE\drivers\amdxhc.sys [x]
R3 amdxhc31;AMD XHCI Service;c:\windows\system32\drivers\amdxhc31.sys;c:\windows\SYSNATIVE\drivers\amdxhc31.sys [x]
R3 amdxhci;AMD USB3 Host Controller Driver;c:\windows\system32\drivers\amdxhci.sys;c:\windows\SYSNATIVE\drivers\amdxhci.sys [x]
R3 asmthub3;ASMedia USB3.1 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
R3 asmtxhci;ASMedia XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\program files (x86)\EasyAntiCheat\EasyAntiCheat.exe;c:\program files (x86)\EasyAntiCheat\EasyAntiCheat.exe [x]
R3 EtronSTOR;Etron Enhance USB BOT/UASP Mass Storage Driver;c:\windows\System32\Drivers\EtronSTOR.sys;c:\windows\SYSNATIVE\Drivers\EtronSTOR.sys [x]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\drivers\FLxHCIc.sys;c:\windows\SYSNATIVE\drivers\FLxHCIc.sys [x]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\drivers\FLxHCIh.sys;c:\windows\SYSNATIVE\drivers\FLxHCIh.sys [x]
R3 GoogleChromeElevationService;Google Chrome Elevation Service;c:\program files (x86)\Google\Chrome\Application\84.0.4147.125\elevation_service.exe;c:\program files (x86)\Google\Chrome\Application\84.0.4147.125\elevation_service.exe [x]
R3 IaNVMe;IaNVMe;c:\windows\system32\drivers\IaNVMe.sys;c:\windows\SYSNATIVE\drivers\IaNVMe.sys [x]
R3 IaRNVMe;IaRNVMe;c:\windows\system32\drivers\IaRNVMe.sys;c:\windows\SYSNATIVE\drivers\IaRNVMe.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 nvme;nvme;c:\windows\system32\drivers\nvme.sys;c:\windows\SYSNATIVE\drivers\nvme.sys [x]
R3 ocznvme;ocznvme;c:\windows\system32\drivers\ocznvme.sys;c:\windows\SYSNATIVE\drivers\ocznvme.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\drivers\rusb3hub.sys;c:\windows\SYSNATIVE\drivers\rusb3hub.sys [x]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\drivers\rusb3xhc.sys;c:\windows\SYSNATIVE\drivers\rusb3xhc.sys [x]
R3 stornvme;stornvme;c:\windows\system32\drivers\stornvme.sys;c:\windows\SYSNATIVE\drivers\stornvme.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys;c:\windows\SYSNATIVE\drivers\tihub3.sys [x]
R3 tilfilter;TI xHCI Lower Filter Driver Service;c:\windows\system32\drivers\TIxHCIlfilter.sys;c:\windows\SYSNATIVE\drivers\TIxHCIlfilter.sys [x]
R3 tiufilter;TI xHCI Upper Filter Driver Service;c:\windows\system32\drivers\TIxHCIufilter.sys;c:\windows\SYSNATIVE\drivers\TIxHCIufilter.sys [x]
R3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys;c:\windows\SYSNATIVE\drivers\tixhci.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\drivers\ViaHub3.sys;c:\windows\SYSNATIVE\drivers\ViaHub3.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WiaRpc;Události načítání snímků;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\drivers\xhcdrv.sys;c:\windows\SYSNATIVE\drivers\xhcdrv.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 IaNVMeF;IaNVMeF;c:\windows\system32\drivers\IaNVMeF.sys;c:\windows\SYSNATIVE\drivers\IaNVMeF.sys [x]
S0 IaRNVMeF;IaRNVMeF;c:\windows\system32\drivers\IaRNVMeF.sys;c:\windows\SYSNATIVE\drivers\IaRNVMeF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 nvmeF;nvmeF;c:\windows\system32\drivers\nvmeF.sys;c:\windows\SYSNATIVE\drivers\nvmeF.sys [x]
S0 ocztrimfilter;SSD Device Filter;c:\windows\system32\drivers\ocztrimfilter.sys;c:\windows\SYSNATIVE\drivers\ocztrimfilter.sys [x]
S1 amsdk;AMSDK Driver;c:\windows\system32\drivers\amsdk.sys;c:\windows\SYSNATIVE\drivers\amsdk.sys [x]
S1 MEmuDrv;MemuHyperv Service;c:\windows\system32\DRIVERS\MEmuDrv.sys;c:\windows\SYSNATIVE\DRIVERS\MEmuDrv.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 MBAMChameleon;MBAMChameleon;c:\windows\System32\Drivers\MbamChameleon.sys;c:\windows\SYSNATIVE\Drivers\MbamChameleon.sys [x]
S2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\MBAMService.exe;c:\program files\Malwarebytes\Anti-Malware\MBAMService.exe [x]
S2 MEmuSVC;MEmuSVC;c:\program files (x86)\Microvirt\MEmu\MemuService.exe;c:\program files (x86)\Microvirt\MEmu\MemuService.exe [x]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x]
S2 Origin Web Helper Service;Origin Web Helper Service;c:\program files (x86)\Origin\OriginWebHelperService.exe;c:\program files (x86)\Origin\OriginWebHelperService.exe [x]
S2 rkrtservice;RogueKiller RTP;c:\program files\RogueKiller\RogueKillerSvc.exe;c:\program files\RogueKiller\RogueKillerSvc.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 GeneStor;Genesys Logic Storage Driver;c:\windows\system32\DRIVERS\GeneStor.sys;c:\windows\SYSNATIVE\DRIVERS\GeneStor.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\Drivers\mbamswissarmy.sys;c:\windows\SYSNATIVE\Drivers\mbamswissarmy.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMCHAMELEON
*Deregistered* - RkFlt
*Deregistered* - TrueSight
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
WiaRpc
.
.
.
--------- X64 Entries -----------
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
WiaRpc
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.seznam.cz/
mLocal Page = c:\windows\SYSTEM32\blank.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{d992c12e-cab2-426f-bde3-fb8c53950b0d} - c:\programdata\Package Cache\{d992c12e-cab2-426f-bde3-fb8c53950b0d}\VC_redist.x64.exe
AddRemove-{e2803110-78b3-4664-a479-3611a381656a} - c:\programdata\Package Cache\{e2803110-78b3-4664-a479-3611a381656a}\VC_redist.x86.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7b,da,46,71,e2,5f,ed,48,bf,72,bd,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7b,da,46,71,e2,5f,ed,48,bf,72,bd,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_32_0_0_238_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_32_0_0_238_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVAST Software]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2020-08-11 22:42:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2020-08-11 20:42
ComboFix2.txt 2020-08-10 20:58
.
Před spuštěním: Volných bajtů: 425 613 565 952
Po spuštění: Volných bajtů: 425 509 224 448
.
- - End Of File - - D4C3D353B88BC4F6A358E042F4B1352C
A36C5E4F47E84449FF07ED3517B43A31


Post by panzeleny » 11 Aug 2020 23:01

SystemLook 30.07.11 by jpshortstuff
Log created at 22:47 on 11/08/2020 by AMD
Administrator - Elevation successful

========== filefind ==========

Searching for "klbackupflt.*"
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\klbackupflt.cat --a-s-- 8529 bytes [12:27 25/08/2019] [13:44 08/08/2019] 99AEF11E3226161BCF8F5AC2EC35F954
C:\Windows\System32\drivers\klbackupflt.sys --a---- 145504 bytes [05:48 09/02/2020] [05:48 09/02/2020] B6F007D2C9DEA23AD0B66FF2811587F3

Searching for "klim6.*"
C:\Windows\System32\drivers\klim6.sys --a---- 58192 bytes [05:21 19/03/2019] [05:21 19/03/2019] 067618420EE11E4D50A6CAB3123BDAB5
C:\Windows\System32\DriverStore\FileRepository\klim6.inf_amd64_neutral_8103e346a1a19994\klim6.cat --a---- 8566 bytes [13:44 08/08/2019] [13:44 08/08/2019] 6949BF120E3BC1573F0508322AA491C4
C:\Windows\System32\DriverStore\FileRepository\klim6.inf_amd64_neutral_8103e346a1a19994\klim6.inf --a---- 2674 bytes [13:44 08/08/2019] [13:44 08/08/2019] 0AF3931B1F849A909D1F6F9E0B6E4FF2
C:\Windows\System32\DriverStore\FileRepository\klim6.inf_amd64_neutral_8103e346a1a19994\klim6.PNF --a---- 8452 bytes [12:27 25/08/2019] [12:27 25/08/2019] 645AD27073917523A2A177C6506DA9C0
C:\Windows\System32\DriverStore\FileRepository\klim6.inf_amd64_neutral_8103e346a1a19994\klim6.sys --a---- 56144 bytes [13:44 08/08/2019] [13:44 08/08/2019] 09C89883AFF120DEFF59FB85B502AB9B
C:\Windows\System32\DriverStore\FileRepository\klim6.inf_amd64_neutral_95706fe59ff6923b\klim6.cat --a---- 8854 bytes [05:21 19/03/2019] [05:21 19/03/2019] B00DBFC51570047DCAB03041233D8975
C:\Windows\System32\DriverStore\FileRepository\klim6.inf_amd64_neutral_95706fe59ff6923b\klim6.inf --a---- 2675 bytes [05:14 19/03/2019] [05:14 19/03/2019] A920C5B8FB6F3093BF1A7D997E3C9B25
C:\Windows\System32\DriverStore\FileRepository\klim6.inf_amd64_neutral_95706fe59ff6923b\klim6.PNF --a---- 8452 bytes [07:01 16/04/2020] [07:01 16/04/2020] 54A2D1C1D87EB5B3A77042E16F93151B
C:\Windows\System32\DriverStore\FileRepository\klim6.inf_amd64_neutral_95706fe59ff6923b\klim6.sys --a---- 58192 bytes [05:21 19/03/2019] [05:21 19/03/2019] 067618420EE11E4D50A6CAB3123BDAB5

Searching for "klpd.*"
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\klpd.cat --a-s-- 8476 bytes [12:27 25/08/2019] [13:44 08/08/2019] 10113327269B99876281ED15E727D157
C:\Windows\System32\drivers\klpd.sys --a---- 51328 bytes [23:45 12/03/2019] [23:45 12/03/2019] 5B8DCC0AF048586E1F1719A2506021CF

Searching for "kltdi.*"
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\kltdi.cat --a-s-- 8374 bytes [12:27 25/08/2019] [21:56 07/11/2017] 65DA0A4C7828A0B56957A243477BB52D
C:\Windows\System32\drivers\kltdi.sys --a---- 81632 bytes [21:56 07/11/2017] [21:56 07/11/2017] D4D67FDAFC981E3FCC376B4548697EB8

Searching for "klwfp.*"
C:\Windows\System32\drivers\klwfp.sys --a---- 105600 bytes [00:00 05/03/2019] [00:00 05/03/2019] 048D6367FA3670D153FDF50F6C33DA0F

Searching for "klwtp.*"
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\klwtp.cat --a-s-- 8476 bytes [12:27 25/08/2019] [13:44 08/08/2019] 770E68055FB4DD3A0278E302288FC14D
C:\Windows\System32\drivers\klwtp.sys --a---- 211048 bytes [05:48 09/02/2020] [05:48 09/02/2020] C765B5D5E3180B46798AD4485670C74B

Searching for "kneps.*"
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\kneps.cat --a-s-- 8568 bytes [12:27 25/08/2019] [13:44 08/08/2019] 920BB1A06915B1499D29B3DDE09DBCBD
C:\Windows\System32\drivers\kneps.sys --a---- 232272 bytes [00:31 19/03/2019] [00:31 19/03/2019] 2213BD1A96F04A8A71A68C9329D67D13

========== folderfind ==========

Searching for "Avast"
C:\ProgramData\AVAST Software\Persistent Data\Avast d------ [11:51 19/07/2019]
C:\Users\All Users\AVAST Software\Persistent Data\Avast d------ [11:51 19/07/2019]

Searching for "Kaspersky"
No folders found.

========== regfind ==========

Searching for "Kaspersky"
[HKEY_CURRENT_USER\Software\KasperskyLabSetup]
[HKEY_CURRENT_USER\Software\KasperskyLabSetup\Setup20.0.14.1085.0.2090.0]
"TrashFiles"="C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.2090.0
C:\ProgramData\Kaspersky Lab Setup Files\KFA
C:\ProgramData\Kaspersky Lab Setup Files\KFA\index.txt
C:\Users\AMD\Desktop\Nainstalovat produkt Kaspersky Free verze 20.0.14.1085.lnk
"
[HKEY_CURRENT_USER\Software\KasperskyLabSetup\Setup20.0.14.1085.0.4701.0]
"TrashFiles"="C:\ProgramData\Kaspersky Lab Setup Files\KFA\index.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA\index-bases-x64.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA\index-kleaner.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\eula_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\eula_gdpr_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksn_antispam_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksn_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksn_ep_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksn_marketing_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_eula_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_eula_gdpr_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\
[HKEY_CURRENT_USER\Software\KasperskyLabSetup\Setup20.0.14.1085.0.4701.0]
"AppCommandLine"=""C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\au_setup_A544C54D-7FAF-11EA-B4E7-902B34A84B83\startup.exe" -auto_update_mode="C:\Users\AMD\Downloads\kfa20.0.14.1085abccs_20888.exe" /-self_remove -l=cs-CZ -xpos=671 -ypos=256 -prevsetupver=20.0.14.1085.0.2090.0 -prevsetuppatch=c"
[HKEY_CURRENT_USER\Software\KasperskyLabSetup\Setup20.0.14.1085.0.4701.0\volatile]
"DDRootIndexFileUrlList"="1https://dm.s.kaspersky-labs.com/cs-CZ/KFA/20.0.14.1085/x64/;http://dm.kaspersky-labs.com/cs-CZ/KFA/20.0.14.1085/x64/
"
[HKEY_CURRENT_USER\Software\KasperskyLabSetup\Setup20.0.14.1085.0.4701.0\volatile]
"DFL_FileMappings"="kleaner.cab;C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\kleaner.cab;kleaner.cab;0;1;product.msi;product.msi;product.msi;0;0;"
[HKEY_CURRENT_USER\Software\KasperskyLabSetup\Setup20.0.14.1085.0.4701.0\volatile]
"DFL_MappedFolder"="C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0"
[HKEY_CURRENT_USER\Software\KasperskyLabSetup\Setup20.0.14.1085.0.4701.0\volatile]
"DFL_OriginalFolder"="C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0"
[HKEY_CURRENT_USER\Software\KasperskyLabSetup\Setup20.0.14.1085.0.4701.0\volatile]
"IndexState"="20.0.14.1085.0.4701.0
[HKEY_CURRENT_USER\Software\KasperskyLabSetup\Setup20.0.14.1085.0.4701.0\volatile]
"VerifiedSignaturesOk"="1
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\product.msi
"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1390535825-3822005023-847873152-1000\SOFTWARE\KasperskyLab]
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\AMD\Desktop\KVRT.exe"="Kaspersky Virus Removal Tool"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01D7D203-BF4B-4E4E-8DE9-169082FA6386}\InprocServer32]
@="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\mcou.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2E729E38-CE12-4050-A1A6-6432AB2403A5}\InprocServer32]
@="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\office_antivirus.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{480135C4-4227-4480-9528-50FF779652DB}\InprocServer32]
@="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\antimalware_provider.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{49E3A777-5E8E-4725-ABBC-71673BDE08B3}]
@="Kaspersky JavascriptApi"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{49E3A777-5E8E-4725-ABBC-71673BDE08B3}\InprocServer32]
@="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\IEExt\ie_plugin.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{49E3A777-5E8E-4725-ABBC-71673BDE08B3}\ProgID]
@="Kaspersky.IeVirtualKeyboardPlugin.JavascriptApi.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{49E3A777-5E8E-4725-ABBC-71673BDE08B3}\VersionIndependentProgID]
@="Kaspersky.IeVirtualKeyboardPlugin.JavascriptApi"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7461DB24-611D-40C2-ACD8-7113E4335D6D}\InprocServer32]
@="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\mcou.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7461DB24-611D-40C2-ACD8-7113E4335D6D}\ToolboxBitmap32]
@="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\mcou.dll, 102"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF5D4E49-9037-4119-9718-59D17C7CF216}\InprocServer32]
@="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\mcou.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B2575F56-4E67-45D7-A5F7-0850B330E5BE}\InprocServer32]
@="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\mcou.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B2575F56-4E67-45D7-A5F7-0850B330E5BE}\ToolboxBitmap32]
@="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\mcou.dll, 102"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B9CB0852-34E8-473B-BE2B-4004234F0847}\LocalServer32]
@=""C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\vssbridge64.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\KasperskyBackupFolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.kaspersky.amkpcclbbgegoafihnpgomddadjhcadd.host]
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.kaspersky.amkpcclbbgegoafihnpgomddadjhcadd.host]
@="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\plugins.chrome.manifest"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab]
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\ExternalPlugins\kiskavpure]
"light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com_iid"="381F8798-46BD-F44D-B045-3E45E70CBD87"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\ExternalPlugins\kiskavpure]
"{755D388B-420B-4692-A974-84AAF0E577D3}"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\OutlookKLAvPlg.Addin_25135DE3-BB52-4185-9E7D-A72F82E5A224]
"FriendlyName"="Kaspersky Outlook Anti-Virus Addin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Kaspersky Lab\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\StartMenu\KSDE\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\StartMenu\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Kaspersky Lab\AVP20.0\Report\Database\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Kaspersky Lab\AVP20.0\Report\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\klimx64\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{755D388B-420B-4692-A974-84AAF0E577D3}"="Scan with Kaspersky Anti-Virus"
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\NativeMessagingHosts\com.kaspersky.light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340.kaspersky.com.host]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\NativeMessagingHosts\com.kaspersky.light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340.kaspersky.com.host]
@="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\plugins.firefox.manifest"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\NativeMessagingHosts\com.kaspersky.amkpcclbbgegoafihnpgomddadjhcadd.host]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\NativeMessagingHosts\com.kaspersky.amkpcclbbgegoafihnpgomddadjhcadd.host]
@="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\plugins.chrome.manifest"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\KasperskyLab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\KasperskyLab\ExternalPlugins\kiskavpure]
"light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com_iid"="381F8798-46BD-F44D-B045-3E45E70CBD87"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\KasperskyLab\ExternalPlugins\kiskavpure]
"{755D388B-420B-4692-A974-84AAF0E577D3}"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\KasperskyLab\ExternalPlugins\kiskavpure\78B95FD6-F6C9-4BD9-9AAC-A093E259B3FD]
"DbgTraceFileFullName"="C:\ProgramData\Kaspersky Lab\KAV.19.0.0.1088g_08.25_14.27_4912.!pid!_!pref!.log"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\KasperskyLab\ExternalPlugins\kiskavpure\78B95FD6-F6C9-4BD9-9AAC-A093E259B3FD]
"KlipModuleFileName"="C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\Cache\klip\klip32_65d64e7df8ad808bf293f3272ef7ac38.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\KasperskyLab\ExternalPlugins\kiskavpure\78B95FD6-F6C9-4BD9-9AAC-A093E259B3FD]
"KlipModuleFileName64"="C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\Cache\klip\klip_9fd9120a5a513f5f7ca1681242a4da08.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Exchange\Client\Extensions]
"Kaspersky Mail Checker"="4.0;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\mcou.dll;1;10000111111100"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Outlook\Addins\OutlookKLAvPlg.Addin_25135DE3-BB52-4185-9E7D-A72F82E5A224]
"FriendlyName"="Kaspersky Outlook Anti-Virus Addin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mozilla\NativeMessagingHosts\com.kaspersky.light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340.kaspersky.com.host]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mozilla\NativeMessagingHosts\com.kaspersky.light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340.kaspersky.com.host]
@="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\plugins.firefox.manifest"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Swearware\backup\winsock2\Parameters\AppId_Catalog\329A428C]
"AppFullPath"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Swearware\backup\winsock2\Parameters\AppId_Catalog\34B5A736]
"AppFullPath"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\avp.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\BackupRestore\FilesNotToSnapshot]
"KLSSL_KAV"="C:\ProgramData\Kaspersky Lab\AVP19.0.0\Data\Cert\1.pkey"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011]
"Manufacturer"="Kaspersky Security Data Escort Provider"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011]
"ProductName"="Kaspersky Security Data Escort Adapter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011]
"ProviderName"="Kaspersky Security Data Escort Provider"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011]
"DriverDesc"="Kaspersky Security Data Escort Adapter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions]
"Kaspersky Security Data Escort Adapter"="1"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}]
"LocDescription"="@oem42.inf,%klim6_desc%;Kaspersky Anti-Virus NDIS 6 Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}]
"Description"="Kaspersky Anti-Virus NDIS 6 Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}\Ndi]
"HelpText"="Kaspersky Anti-Virus Network Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CM_KM\0000]
"DeviceDesc"="AO Kaspersky Lab Cryptographic Module x64 (56 bit)"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLBACKUPDISK\0000]
"DeviceDesc"="Kaspersky Lab klbackupdisk"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLBACKUPFLT\0000]
"DeviceDesc"="Kaspersky Lab klbackupflt"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLGSE\0000]
"DeviceDesc"="Kaspersky Lab Security Extender Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLHK\0000]
"DeviceDesc"="Kaspersky Lab service driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLIM6\0000]
"DeviceDesc"="Kaspersky Anti-Virus NDIS 6 Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLKBDFLT2\0000]
"DeviceDesc"="Kaspersky Lab KlKbdFlt2"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLPD\0000]
"DeviceDesc"="Kaspersky Lab format recognizer driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\NET\0000]
"Mfg"="@oem43.inf,%provider%;Kaspersky Security Data Escort Provider"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\NET\0000]
"DeviceDesc"="@oem43.inf,%devicedescription%;Kaspersky Security Data Escort Adapter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AVP19.0.0]
"ImagePath"=""C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe" -r"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AVP19.0.0]
"DisplayName"="Služba Kaspersky Anti-Virus 19.0.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\cm_km]
"DisplayName"="AO Kaspersky Lab Cryptographic Module x64 (56 bit)"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\cm_km]
"Description"="AO Kaspersky Lab Cryptographic Module x64 (56 bit)"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\kl1\Parameters\arkmon]
"RestartPath"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avpui.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klbackupdisk]
"DisplayName"="Kaspersky Lab klbackupdisk"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klbackupdisk]
"Description"="Kaspersky Lab volume filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klbackupflt]
"DisplayName"="Kaspersky Lab klbackupflt"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klbackupflt]
"Description"="Kaspersky Lab File Backup"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klhk]
"DisplayName"="Kaspersky Lab service driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klim6]
"DisplayName"="Kaspersky Anti-Virus NDIS 6 Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klim6]
"Description"="Kaspersky Anti-Virus NDIS 6 Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klkbdflt]
"DisplayName"="Kaspersky Lab KLKBDFLT"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klkbdflt]
"Description"="Kaspersky Lab Keyboard Class Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klmouflt]
"DisplayName"="Kaspersky Lab KLMOUFLT"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klmouflt]
"Description"="Kaspersky Lab Mouse Class Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klpd]
"DisplayName"="Kaspersky Lab format recognizer driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\kltap]
"DisplayName"="Kaspersky Security Data Escort Adapter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klvssbridge64_19.0.0]
"ImagePath"=""C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\vssbridge64.exe""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\kneps]
"idsbase"="C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\idsdrop.dat"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KSDE3.0.0]
"ImagePath"=""C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe" -r"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KSDE3.0.0]
"DisplayName"="Služba Kaspersky Secure Connection 3.0.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinSock2\Parameters\AppId_Catalog\329A428C]
"AppFullPath"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinSock2\Parameters\AppId_Catalog\34B5A736]
"AppFullPath"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\avp.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}]
"LocDescription"="@oem42.inf,%klim6_desc%;Kaspersky Anti-Virus NDIS 6 Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}]
"Description"="Kaspersky Anti-Virus NDIS 6 Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}\Ndi]
"HelpText"="Kaspersky Anti-Virus Network Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_CM_KM\0000]
"DeviceDesc"="AO Kaspersky Lab Cryptographic Module x64 (56 bit)"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLBACKUPDISK\0000]
"DeviceDesc"="Kaspersky Lab klbackupdisk"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLBACKUPFLT\0000]
"DeviceDesc"="Kaspersky Lab klbackupflt"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLGSE\0000]
"DeviceDesc"="Kaspersky Lab Security Extender Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLHK\0000]
"DeviceDesc"="Kaspersky Lab service driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLIM6\0000]
"DeviceDesc"="Kaspersky Anti-Virus NDIS 6 Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLKBDFLT2\0000]
"DeviceDesc"="Kaspersky Lab KlKbdFlt2"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLPD\0000]
"DeviceDesc"="Kaspersky Lab format recognizer driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\WinSock2\Parameters\AppId_Catalog\329A428C]
"AppFullPath"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\WinSock2\Parameters\AppId_Catalog\34B5A736]
"AppFullPath"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\avp.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}]
"LocDescription"="@oem42.inf,%klim6_desc%;Kaspersky Anti-Virus NDIS 6 Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}]
"Description"="Kaspersky Anti-Virus NDIS 6 Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}\Ndi]
"HelpText"="Kaspersky Anti-Virus Network Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_CM_KM\0000]
"DeviceDesc"="AO Kaspersky Lab Cryptographic Module x64 (56 bit)"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLBACKUPDISK\0000]
"DeviceDesc"="Kaspersky Lab klbackupdisk"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLBACKUPFLT\0000]
"DeviceDesc"="Kaspersky Lab klbackupflt"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLGSE\0000]
"DeviceDesc"="Kaspersky Lab Security Extender Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLHK\0000]
"DeviceDesc"="Kaspersky Lab service driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLIM6\0000]
"DeviceDesc"="Kaspersky Anti-Virus NDIS 6 Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLKBDFLT2\0000]
"DeviceDesc"="Kaspersky Lab KlKbdFlt2"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLPD\0000]
"DeviceDesc"="Kaspersky Lab format recognizer driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\WinSock2\Parameters\AppId_Catalog\329A428C]
"AppFullPath"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\WinSock2\Parameters\AppId_Catalog\34B5A736]
"AppFullPath"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\avp.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}]
"LocDescription"="@oem42.inf,%klim6_desc%;Kaspersky Anti-Virus NDIS 6 Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}]
"Description"="Kaspersky Anti-Virus NDIS 6 Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}\Ndi]
"HelpText"="Kaspersky Anti-Virus Network Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CM_KM\0000]
"DeviceDesc"="AO Kaspersky Lab Cryptographic Module x64 (56 bit)"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLBACKUPDISK\0000]
"DeviceDesc"="Kaspersky Lab klbackupdisk"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLBACKUPFLT\0000]
"DeviceDesc"="Kaspersky Lab klbackupflt"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLGSE\0000]
"DeviceDesc"="Kaspersky Lab Security Extender Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLHK\0000]
"DeviceDesc"="Kaspersky Lab service driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLIM6\0000]
"DeviceDesc"="Kaspersky Anti-Virus NDIS 6 Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLKBDFLT2\0000]
"DeviceDesc"="Kaspersky Lab KlKbdFlt2"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLPD\0000]
"DeviceDesc"="Kaspersky Lab format recognizer driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinSock2\Parameters\AppId_Catalog\329A428C]
"AppFullPath"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinSock2\Parameters\AppId_Catalog\34B5A736]
"AppFullPath"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\avp.exe"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\KasperskyLab]
[HKEY_USERS\S-1-5-21-1390535825-3822005023-847873152-1000\Software\KasperskyLabSetup]
[HKEY_USERS\S-1-5-21-1390535825-3822005023-847873152-1000\Software\KasperskyLabSetup\Setup20.0.14.1085.0.2090.0]
"TrashFiles"="C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.2090.0
C:\ProgramData\Kaspersky Lab Setup Files\KFA
C:\ProgramData\Kaspersky Lab Setup Files\KFA\index.txt
C:\Users\AMD\Desktop\Nainstalovat produkt Kaspersky Free verze 20.0.14.1085.lnk
"
[HKEY_USERS\S-1-5-21-1390535825-3822005023-847873152-1000\Software\KasperskyLabSetup\Setup20.0.14.1085.0.4701.0]
"TrashFiles"="C:\ProgramData\Kaspersky Lab Setup Files\KFA\index.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA\index-bases-x64.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA\index-kleaner.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\eula_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\eula_gdpr_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksn_antispam_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksn_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksn_ep_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksn_marketing_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_eula_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_eula_gdpr_cs-cz.txt
C:\ProgramData\Kaspersky La
[HKEY_USERS\S-1-5-21-1390535825-3822005023-847873152-1000\Software\KasperskyLabSetup\Setup20.0.14.1085.0.4701.0]
"AppCommandLine"=""C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\au_setup_A544C54D-7FAF-11EA-B4E7-902B34A84B83\startup.exe" -auto_update_mode="C:\Users\AMD\Downloads\kfa20.0.14.1085abccs_20888.exe" /-self_remove -l=cs-CZ -xpos=671 -ypos=256 -prevsetupver=20.0.14.1085.0.2090.0 -prevsetuppatch=c"
[HKEY_USERS\S-1-5-21-1390535825-3822005023-847873152-1000\Software\KasperskyLabSetup\Setup20.0.14.1085.0.4701.0\volatile]
"DDRootIndexFileUrlList"="1https://dm.s.kaspersky-labs.com/cs-CZ/KFA/20.0.14.1085/x64/;http://dm.kaspersky-labs.com/cs-CZ/KFA/20.0.14.1085/x64/
"
[HKEY_USERS\S-1-5-21-1390535825-3822005023-847873152-1000\Software\KasperskyLabSetup\Setup20.0.14.1085.0.4701.0\volatile]
"DFL_FileMappings"="kleaner.cab;C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\kleaner.cab;kleaner.cab;0;1;product.msi;product.msi;product.msi;0;0;"
[HKEY_USERS\S-1-5-21-1390535825-3822005023-847873152-1000\Software\KasperskyLabSetup\Setup20.0.14.1085.0.4701.0\volatile]
"DFL_MappedFolder"="C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0"
[HKEY_USERS\S-1-5-21-1390535825-3822005023-847873152-1000\Software\KasperskyLabSetup\Setup20.0.14.1085.0.4701.0\volatile]
"DFL_OriginalFolder"="C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0"
[HKEY_USERS\S-1-5-21-1390535825-3822005023-847873152-1000\Software\KasperskyLabSetup\Setup20.0.14.1085.0.4701.0\volatile]
"IndexState"="20.0.14.1085.0.4701.0
[HKEY_USERS\S-1-5-21-1390535825-3822005023-847873152-1000\Software\KasperskyLabSetup\Setup20.0.14.1085.0.4701.0\volatile]
"VerifiedSignaturesOk"="1
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\product.msi
"
[HKEY_USERS\S-1-5-21-1390535825-3822005023-847873152-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1390535825-3822005023-847873152-1000\SOFTWARE\KasperskyLab]
[HKEY_USERS\S-1-5-21-1390535825-3822005023-847873152-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\AMD\Desktop\KVRT.exe"="Kaspersky Virus Removal Tool"
[HKEY_USERS\S-1-5-21-1390535825-3822005023-847873152-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\AMD\Desktop\KVRT.exe"="Kaspersky Virus Removal Tool"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\KasperskyLab]

Searching for "Avast"
[HKEY_CURRENT_USER\Software\AvastAdSDK]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\cb6f022_0]
@="{0.0.0.00000000}.{dcfd5e51-fe02-4b4e-a0c8-73befbbec446}|\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastUI.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\d7efc37c_0]
@="{0.0.0.00000000}.{d7b68022-deeb-4ef7-bebe-4c4939eee549}|\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastUI.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Piriform\CCleaner]
"CookiesToSave"="*.avast.com|*.ccleaner.com|*.ccleanercloud.com|*.piriform.com|accounts.google.com|facebook.com|google.com|twitter.com|www.google.com|yahoo.com"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files\AVAST Software\Avast\AvastUI.exe"="Avast Antivirus"
[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.27012.0_none_5ca6eb17137337f1]
[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.27012.0_none_6186ed0910476724]
[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.27012.0_none_4f95660acc611f2b]
[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.27012.0_none_547567fcc9354e5e]
[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.27012.0_none_a45421ee27ef60f7]
[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.27012.0_none_a93423e024c3902a]
[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.27012.0_none_97429ce1e0dd4831]
[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.27012.0_none_9c229ed3ddb17764]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVAST Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avast]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvastPersistentStorage]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvastPersistentStorage]
"InstupProgress_Description"="Odstraňuji soubor: C:\Program Files\AVAST Software\Avast\defs\19082404\engsup.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_avast.vc140.crt_fcc99ee6193ebbca_none_020285fe6d6e0580]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_avast.vc140.mfc_fcc99ee6193ebbca_none_018be6966dc83925]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_none_ef17e13d91c55d96]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_none_eea141d5921f913b]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_avast.vc140.crt_fcc99ee6193ebbca_none_49afbcd581ea2e86]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_avast.vc140.mfc_fcc99ee6193ebbca_none_49391d6d8244622b]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_none_36c51814a641869c]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_none_364e78aca69bba41]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVAST Software]
[HKEY_USERS\S-1-5-21-1390535825-3822005023-847873152-1000\Software\AvastAdSDK]
[HKEY_USERS\S-1-5-21-1390535825-3822005023-847873152-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\cb6f022_0]
@="{0.0.0.00000000}.{dcfd5e51-fe02-4b4e-a0c8-73befbbec446}|\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastUI.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1390535825-3822005023-847873152-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\d7efc37c_0]
@="{0.0.0.00000000}.{d7b68022-deeb-4ef7-bebe-4c4939eee549}|\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastUI.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1390535825-3822005023-847873152-1000\Software\Piriform\CCleaner]
"CookiesToSave"="*.avast.com|*.ccleaner.com|*.ccleanercloud.com|*.piriform.com|accounts.google.com|facebook.com|google.com|twitter.com|www.google.com|yahoo.com"
[HKEY_USERS\S-1-5-21-1390535825-3822005023-847873152-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files\AVAST Software\Avast\AvastUI.exe"="Avast Antivirus"
[HKEY_USERS\S-1-5-21-1390535825-3822005023-847873152-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files\AVAST Software\Avast\AvastUI.exe"="Avast Antivirus"

Searching for "klbackupflt"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLBACKUPFLT]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLBACKUPFLT\0000]
"Service"="klbackupflt"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLBACKUPFLT\0000]
"DeviceDesc"="Kaspersky Lab klbackupflt"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klbackupflt]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klbackupflt]
"ImagePath"="system32\DRIVERS\klbackupflt.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klbackupflt]
"DisplayName"="Kaspersky Lab klbackupflt"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klbackupflt\Instances]
"DefaultInstance"="klbackupflt"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klbackupflt\Instances\klbackupflt]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLBACKUPFLT]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLBACKUPFLT\0000]
"Service"="klbackupflt"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLBACKUPFLT\0000]
"DeviceDesc"="Kaspersky Lab klbackupflt"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLBACKUPFLT]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLBACKUPFLT\0000]
"Service"="klbackupflt"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLBACKUPFLT\0000]
"DeviceDesc"="Kaspersky Lab klbackupflt"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLBACKUPFLT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLBACKUPFLT\0000]
"Service"="klbackupflt"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLBACKUPFLT\0000]
"DeviceDesc"="Kaspersky Lab klbackupflt"

Searching for "klim6"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}]
"LocDescription"="@oem42.inf,%klim6_desc%;Kaspersky Anti-Virus NDIS 6 Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}]
"ComponentId"="KL_KLIM6"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}\Ndi]
"Service"="klim6"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}\Ndi]
"CoServices"="klim6"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLIM6]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLIM6\0000]
"Service"="klim6"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klim6]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klim6]
"ImagePath"="system32\DRIVERS\klim6.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}]
"LocDescription"="@oem42.inf,%klim6_desc%;Kaspersky Anti-Virus NDIS 6 Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}]
"ComponentId"="KL_KLIM6"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}\Ndi]
"Service"="klim6"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}\Ndi]
"CoServices"="klim6"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLIM6]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLIM6\0000]
"Service"="klim6"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}]
"LocDescription"="@oem42.inf,%klim6_desc%;Kaspersky Anti-Virus NDIS 6 Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}]
"ComponentId"="KL_KLIM6"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}\Ndi]
"Service"="klim6"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}\Ndi]
"CoServices"="klim6"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLIM6]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLIM6\0000]
"Service"="klim6"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}]
"LocDescription"="@oem42.inf,%klim6_desc%;Kaspersky Anti-Virus NDIS 6 Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}]
"ComponentId"="KL_KLIM6"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}\Ndi]
"Service"="klim6"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C477F579-9F31-474D-86CC-E1567F0BFD1D}\Ndi]
"CoServices"="klim6"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLIM6]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLIM6\0000]
"Service"="klim6"

Searching for "klpd"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6414876250E69FF3395387C6C7F05BEB\Features]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLPD]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLPD\0000]
"Service"="klpd"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klpd]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klpd]
"ImagePath"="system32\DRIVERS\klpd.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLPD]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLPD\0000]
"Service"="klpd"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLPD]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLPD\0000]
"Service"="klpd"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLPD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLPD\0000]
"Service"="klpd"

Searching for "kltdi"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLTDI]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLTDI\0000]
"Service"="kltdi"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLTDI\0000]
"DeviceDesc"="kltdi"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\kltdi]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\kltdi]
"ImagePath"="system32\DRIVERS\kltdi.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\kltdi]
"DisplayName"="kltdi"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLTDI]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLTDI\0000]
"Service"="kltdi"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLTDI\0000]
"DeviceDesc"="kltdi"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLTDI]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLTDI\0000]
"Service"="kltdi"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLTDI\0000]
"DeviceDesc"="kltdi"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLTDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLTDI\0000]
"Service"="kltdi"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLTDI\0000]
"DeviceDesc"="kltdi"

Searching for "klwfp"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLWFP]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLWFP\0000]
"Service"="klwfp"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLWFP\0000]
"DeviceDesc"="klwfp"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klwfp]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klwfp]
"ImagePath"="system32\DRIVERS\klwfp.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klwfp]
"DisplayName"="klwfp"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLWFP]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLWFP\0000]
"Service"="klwfp"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLWFP\0000]
"DeviceDesc"="klwfp"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLWFP]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLWFP\0000]
"Service"="klwfp"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLWFP\0000]
"DeviceDesc"="klwfp"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLWFP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLWFP\0000]
"Service"="klwfp"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLWFP\0000]
"DeviceDesc"="klwfp"

Searching for "klwtp"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLWTP]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLWTP\0000]
"Service"="klwtp"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KLWTP\0000]
"DeviceDesc"="KLwtp - WFP callout traffic inspector"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klwtp]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klwtp]
"ImagePath"="system32\DRIVERS\klwtp.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klwtp]
"DisplayName"="KLwtp - WFP callout traffic inspector"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\klwtp]
"Description"="KLwtp - WFP callout traffic inspector"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLWTP]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLWTP\0000]
"Service"="klwtp"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KLWTP\0000]
"DeviceDesc"="KLwtp - WFP callout traffic inspector"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLWTP]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLWTP\0000]
"Service"="klwtp"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KLWTP\0000]
"DeviceDesc"="KLwtp - WFP callout traffic inspector"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLWTP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLWTP\0000]
"Service"="klwtp"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KLWTP\0000]
"DeviceDesc"="KLwtp - WFP callout traffic inspector"

Searching for "kneps"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KNEPS]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KNEPS\0000]
"Service"="kneps"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_KNEPS\0000]
"DeviceDesc"="kneps"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\kneps]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\kneps]
"ImagePath"="system32\DRIVERS\kneps.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\kneps]
"DisplayName"="kneps"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KNEPS]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KNEPS\0000]
"Service"="kneps"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KNEPS\0000]
"DeviceDesc"="kneps"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KNEPS]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KNEPS\0000]
"Service"="kneps"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_KNEPS\0000]
"DeviceDesc"="kneps"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KNEPS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KNEPS\0000]
"Service"="kneps"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KNEPS\0000]
"DeviceDesc"="kneps"

-= EOF =-


Re: Please check my log

Post by jaro3 » 11 Aug 2020 23:35

Usually it is enough to restart the PC a few times.

Kaspersky sprawls all over the system.

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text, marked in green:

Code: Select all

KillAll::
File::
C:\Windows\System32\drivers\klim6.sys
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\klpd.cat
C:\Windows\System32\drivers\klpd.sys
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\kltdi.cat
C:\Windows\System32\drivers\kltdi.sys
C:\Windows\System32\drivers\klwfp.sys
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\klwtp.cat
C:\Windows\System32\drivers\klwtp.sys
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\kneps.cat
C:\Windows\System32\drivers\kneps.sys
C:\Users\AMD\Desktop\Nainstalovat produkt Kaspersky Free verze 20.0.14.1085.lnk
C:\ProgramData\Kaspersky Lab Setup Files\KFA\index-bases-x64.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA\index-kleaner.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\eula_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\eula_gdpr_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksn_antispam_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksn_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksn_ep_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksn_marketing_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_eula_cs-cz.txt
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_eula_gdpr_cs-cz.txt
C:\Users\AMD\Downloads\kfa20.0.14.1085abccs_20888.exe

Folder::
C:\ProgramData\AVAST Software\Persistent Data\Avast
C:\Users\All Users\AVAST Software\Persistent Data\Avast
C:\ProgramData\Kaspersky Lab Setup Files\KFA
C:\ProgramData\Kaspersky Lab Setup Files
C:\ProgramData\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\
C:\ProgramData\Kaspersky Lab Setup

Registry::
[-HKEY_CURRENT_USER\Software\KasperskyLabSetup]
[HKEY_CURRENT_USER\Software\KasperskyLabSetup\Setup20.0.14.1085.0.2090.0]
"TrashFiles"=-
[HKEY_CURRENT_USER\Software\KasperskyLabSetup\Setup20.0.14.1085.0.4701.0]
"TrashFiles"=-
[HKEY_CURRENT_USER\Software\KasperskyLabSetup\Setup20.0.14.1085.0.4701.0]
"AppCommandLine"=-
[-HKEY_CURRENT_USER\Software\KasperskyLabSetup\Setup20.0.14.1085.0.4701.0\volatile]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1390535825-3822005023-847873152-1000\SOFTWARE\KasperskyLab]
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\AMD\Desktop\KVRT.exe"=-


Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, keep pressing the F8 key after the restart and then choose Last Known Good Configuration, or use a restore point.

Then also use their tool:
https://support.kaspersky.com/common/uninstall/1464

Download the kavremover tool


Re: Please check my log

Post by panzeleny » 12 Aug 2020 08:53

It seems to be working, everything started up and the internet was connected immediately. I will still try turning it off and on twice.

There are several logs from the Kaspersky uninstaller; I had 2 programs there (probably KVRT and the antivirus).



ComboFix 19-11-04.01 - AMD 12.08.2020 8:12.3.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8189.6543 [GMT 2:00]
Spuštěný z: c:\users\AMD\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\AMD\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\programdata\Kaspersky Lab Setup Files\KFA\index-bases-x64.txt"
"c:\programdata\Kaspersky Lab Setup Files\KFA\index-kleaner.txt"
"c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\eula_cs-cz.txt"
"c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\eula_gdpr_cs-cz.txt"
"c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_eula_cs-cz.txt"
"c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_eula_gdpr_cs-cz.txt"
"c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksn_antispam_cs-cz.txt"
"c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksn_cs-cz.txt"
"c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksn_ep_cs-cz.txt"
"c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksn_marketing_cs-cz.txt"
"c:\users\AMD\Desktop\Nainstalovat produkt Kaspersky Free verze 20.0.14.1085.lnk"
"c:\users\AMD\Downloads\kfa20.0.14.1085abccs_20888.exe"
"c:\windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\klpd.cat"
"c:\windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\kltdi.cat"
"c:\windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\klwtp.cat"
"c:\windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\kneps.cat"
"c:\windows\System32\drivers\klim6.sys"
"c:\windows\System32\drivers\klpd.sys"
"c:\windows\System32\drivers\kltdi.sys"
"c:\windows\System32\drivers\klwfp.sys"
"c:\windows\System32\drivers\klwtp.sys"
"c:\windows\System32\drivers\kneps.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\AVAST Software\Persistent Data\Avast
c:\programdata\AVAST Software\Persistent Data\Avast\Logs\AvEmUpdate.log
c:\programdata\AVAST Software\Persistent Data\Avast\Logs\event_manager.log
c:\programdata\AVAST Software\Persistent Data\Avast\Logs\Setup.log
c:\programdata\AVAST Software\Persistent Data\Avast\Logs\Update.log
c:\programdata\AVAST Software\Persistent Data\Avast\Logs\Update.log.old
c:\programdata\Kaspersky Lab Setup Files
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\common.z
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\corebases.cab
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\corebasesx64.cab
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\coreproduct.z
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\coreproductgdpr.z
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\coreproductnogdpr.z
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\coreproductx64.z
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\eula_cs-cz.txt
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\eula_gdpr_cs-cz.txt
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\instx64.z
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ipm.cab
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\kleaner.cab
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde.cab
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde.cab.z
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde.msi
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde.msi.z
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_corebases.cab
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_coreproduct.z
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_coreproductgdpr.z
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_coreproductnogdpr.z
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_eula_cs-cz.txt
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_eula_gdpr_cs-cz.txt
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_ipm.cab
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_ksn_cs-cz.txt
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_ksn_ep_cs-cz.txt
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_ksn_marketing_cs-cz.txt
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_rdp_cs-cz.txt
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_x64.cab
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksde_x64.cab.z
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksn_antispam_cs-cz.txt
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksn_cs-cz.txt
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksn_ep_cs-cz.txt
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ksn_marketing_cs-cz.txt
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\product.cab
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\product.cab.z
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\product.msi
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\product.msi.z
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\productbases.cab
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\rdp_cs-cz.txt
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\x64.cab
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\x64.cab.z
c:\programdata\Kaspersky Lab Setup Files\KFA20.0.14.1085.0.4701.0\ztuu.z
c:\users\All Users\AVAST Software\Persistent Data\Avast\Logs\AvEmUpdate.log
c:\users\All Users\AVAST Software\Persistent Data\Avast\Logs\event_manager.log
c:\users\All Users\AVAST Software\Persistent Data\Avast\Logs\Setup.log
c:\users\All Users\AVAST Software\Persistent Data\Avast\Logs\Update.log
c:\users\All Users\AVAST Software\Persistent Data\Avast\Logs\Update.log.old
c:\windows\security\logs\scecomp.log
c:\windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\klpd.cat
c:\windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\kltdi.cat
c:\windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\klwtp.cat
c:\windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\kneps.cat
c:\windows\System32\drivers\klim6.sys
c:\windows\System32\drivers\klpd.sys
c:\windows\System32\drivers\kltdi.sys
c:\windows\System32\drivers\klwfp.sys
c:\windows\System32\drivers\klwtp.sys
c:\windows\System32\drivers\kneps.sys
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2020-07-12 do 2020-08-12 )))))))))))))))))))))))))))))))
.
.
2020-08-12 06:16 . 2020-08-12 06:16 41616 ----a-w- c:\windows\system32\drivers\rkflt.sys
2020-08-12 06:16 . 2020-08-12 06:16 38032 ----a-w- c:\windows\system32\drivers\truesight.sys
2020-08-12 06:16 . 2020-08-12 06:16 216056 ----a-w- c:\windows\system32\drivers\MbamChameleon.sys
2020-08-12 06:16 . 2020-08-12 06:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2020-08-09 19:59 . 2020-08-09 21:55 -------- d-----w- C:\FRST
2020-08-08 21:38 . 2020-08-08 21:38 -------- d-----w- c:\program files\CrystalDiskInfo
2020-08-08 19:24 . 2020-08-08 19:24 -------- d-----w- c:\users\AMD\AppData\Local\Zemana
2020-08-08 19:24 . 2020-08-08 19:24 232792 ----a-w- c:\windows\system32\drivers\amsdk.sys
2020-08-08 19:24 . 2020-08-08 19:24 -------- d-----w- c:\program files (x86)\Zemana
2020-08-08 19:22 . 2020-08-08 19:24 -------- d-----w- c:\users\AMD\AppData\Local\AMSDK
2020-08-08 19:19 . 2020-08-12 06:16 -------- d-----w- c:\users\AMD\AppData\Local\Temp
2020-08-08 19:19 . 2014-02-13 21:59 24064 ----a-w- c:\windows\zoek-delete.exe
2020-08-08 19:02 . 2020-08-08 19:16 -------- d-----w- C:\zoek_backup
2020-08-08 10:37 . 2020-08-10 08:41 -------- d-----w- c:\program files\RogueKiller
2020-08-08 10:37 . 2020-08-08 10:42 -------- d-----w- c:\programdata\RogueKiller
2020-08-08 08:32 . 2020-08-08 08:32 -------- d-----w- c:\programdata\Sophos
2020-08-08 08:32 . 2020-08-08 08:32 -------- d-----w- c:\program files (x86)\Sophos
2020-08-07 21:36 . 2020-08-10 07:30 -------- d-----w- c:\users\AMD\AppData\Local\CrashDumps
2020-08-07 20:05 . 2020-08-07 20:08 -------- d-----w- C:\AdwCleaner
2020-08-07 20:00 . 2020-08-08 11:56 -------- d-----w- c:\users\AMD\AppData\Local\Adobe
2020-08-07 19:58 . 2020-08-07 19:58 -------- d-----w- c:\users\AMD\AppData\Local\CEF
2020-08-07 07:29 . 2020-08-07 07:29 248968 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2020-08-07 07:29 . 2020-08-07 07:29 153312 ----a-w- c:\windows\system32\drivers\mbae64.sys
2020-08-07 07:29 . 2020-08-07 07:29 -------- d-----w- c:\programdata\Malwarebytes
2020-08-07 07:28 . 2020-08-07 07:28 -------- d-----w- c:\program files\Malwarebytes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2020-08-08 11:29 . 2019-06-13 16:33 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2020-08-08 11:29 . 2019-06-13 02:42 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2020-07-17 15:31 . 2019-06-13 02:42 348360 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2020-07-31 3377440]
"f.lux"="c:\users\AMD\AppData\Local\FluxSoftware\Flux\flux.exe" [2020-06-17 1469968]
"CCleaner Smart Cleaning"="c:\program files\CCleaner\CCleaner64.exe" [2020-06-17 28990136]
"Bloody2"="c:\program files (x86)\Bloody6\Bloody6\Bloody6.exe" [2019-06-13 15900912]
"DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2019-09-07 371304]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 amdhub3;AMD USB 3.0 Hub;c:\windows\system32\drivers\amdhub3.sys;c:\windows\SYSNATIVE\drivers\amdhub3.sys [x]
R3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys;c:\windows\SYSNATIVE\drivers\amdhub30.sys [x]
R3 amdhub31;AMD USB3.1 Hub Service;c:\windows\system32\drivers\amdhub31.sys;c:\windows\SYSNATIVE\drivers\amdhub31.sys [x]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys;c:\windows\SYSNATIVE\drivers\amdxhc.sys [x]
R3 amdxhc31;AMD XHCI Service;c:\windows\system32\drivers\amdxhc31.sys;c:\windows\SYSNATIVE\drivers\amdxhc31.sys [x]
R3 amdxhci;AMD USB3 Host Controller Driver;c:\windows\system32\drivers\amdxhci.sys;c:\windows\SYSNATIVE\drivers\amdxhci.sys [x]
R3 asmthub3;ASMedia USB3.1 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
R3 asmtxhci;ASMedia XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\program files (x86)\EasyAntiCheat\EasyAntiCheat.exe;c:\program files (x86)\EasyAntiCheat\EasyAntiCheat.exe [x]
R3 EtronSTOR;Etron Enhance USB BOT/UASP Mass Storage Driver;c:\windows\System32\Drivers\EtronSTOR.sys;c:\windows\SYSNATIVE\Drivers\EtronSTOR.sys [x]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\drivers\FLxHCIc.sys;c:\windows\SYSNATIVE\drivers\FLxHCIc.sys [x]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\drivers\FLxHCIh.sys;c:\windows\SYSNATIVE\drivers\FLxHCIh.sys [x]
R3 GoogleChromeElevationService;Google Chrome Elevation Service;c:\program files (x86)\Google\Chrome\Application\84.0.4147.125\elevation_service.exe;c:\program files (x86)\Google\Chrome\Application\84.0.4147.125\elevation_service.exe [x]
R3 IaNVMe;IaNVMe;c:\windows\system32\drivers\IaNVMe.sys;c:\windows\SYSNATIVE\drivers\IaNVMe.sys [x]
R3 IaRNVMe;IaRNVMe;c:\windows\system32\drivers\IaRNVMe.sys;c:\windows\SYSNATIVE\drivers\IaRNVMe.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 nvme;nvme;c:\windows\system32\drivers\nvme.sys;c:\windows\SYSNATIVE\drivers\nvme.sys [x]
R3 ocznvme;ocznvme;c:\windows\system32\drivers\ocznvme.sys;c:\windows\SYSNATIVE\drivers\ocznvme.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\drivers\rusb3hub.sys;c:\windows\SYSNATIVE\drivers\rusb3hub.sys [x]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\drivers\rusb3xhc.sys;c:\windows\SYSNATIVE\drivers\rusb3xhc.sys [x]
R3 stornvme;stornvme;c:\windows\system32\drivers\stornvme.sys;c:\windows\SYSNATIVE\drivers\stornvme.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys;c:\windows\SYSNATIVE\drivers\tihub3.sys [x]
R3 tilfilter;TI xHCI Lower Filter Driver Service;c:\windows\system32\drivers\TIxHCIlfilter.sys;c:\windows\SYSNATIVE\drivers\TIxHCIlfilter.sys [x]
R3 tiufilter;TI xHCI Upper Filter Driver Service;c:\windows\system32\drivers\TIxHCIufilter.sys;c:\windows\SYSNATIVE\drivers\TIxHCIufilter.sys [x]
R3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys;c:\windows\SYSNATIVE\drivers\tixhci.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\drivers\ViaHub3.sys;c:\windows\SYSNATIVE\drivers\ViaHub3.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WiaRpc;Události načítání snímků;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\drivers\xhcdrv.sys;c:\windows\SYSNATIVE\drivers\xhcdrv.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 IaNVMeF;IaNVMeF;c:\windows\system32\drivers\IaNVMeF.sys;c:\windows\SYSNATIVE\drivers\IaNVMeF.sys [x]
S0 IaRNVMeF;IaRNVMeF;c:\windows\system32\drivers\IaRNVMeF.sys;c:\windows\SYSNATIVE\drivers\IaRNVMeF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 nvmeF;nvmeF;c:\windows\system32\drivers\nvmeF.sys;c:\windows\SYSNATIVE\drivers\nvmeF.sys [x]
S0 ocztrimfilter;SSD Device Filter;c:\windows\system32\drivers\ocztrimfilter.sys;c:\windows\SYSNATIVE\drivers\ocztrimfilter.sys [x]
S1 amsdk;AMSDK Driver;c:\windows\system32\drivers\amsdk.sys;c:\windows\SYSNATIVE\drivers\amsdk.sys [x]
S1 MEmuDrv;MemuHyperv Service;c:\windows\system32\DRIVERS\MEmuDrv.sys;c:\windows\SYSNATIVE\DRIVERS\MEmuDrv.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 MBAMChameleon;MBAMChameleon;c:\windows\System32\Drivers\MbamChameleon.sys;c:\windows\SYSNATIVE\Drivers\MbamChameleon.sys [x]
S2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\MBAMService.exe;c:\program files\Malwarebytes\Anti-Malware\MBAMService.exe [x]
S2 MEmuSVC;MEmuSVC;c:\program files (x86)\Microvirt\MEmu\MemuService.exe;c:\program files (x86)\Microvirt\MEmu\MemuService.exe [x]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x]
S2 Origin Web Helper Service;Origin Web Helper Service;c:\program files (x86)\Origin\OriginWebHelperService.exe;c:\program files (x86)\Origin\OriginWebHelperService.exe [x]
S2 rkrtservice;RogueKiller RTP;c:\program files\RogueKiller\RogueKillerSvc.exe;c:\program files\RogueKiller\RogueKillerSvc.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 GeneStor;Genesys Logic Storage Driver;c:\windows\system32\DRIVERS\GeneStor.sys;c:\windows\SYSNATIVE\DRIVERS\GeneStor.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\Drivers\mbamswissarmy.sys;c:\windows\SYSNATIVE\Drivers\mbamswissarmy.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMCHAMELEON
*Deregistered* - RkFlt
*Deregistered* - TrueSight
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
WiaRpc
.
.
.
--------- X64 Entries -----------
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
WiaRpc
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.seznam.cz/
mLocal Page = c:\windows\SYSTEM32\blank.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{d992c12e-cab2-426f-bde3-fb8c53950b0d} - c:\programdata\Package Cache\{d992c12e-cab2-426f-bde3-fb8c53950b0d}\VC_redist.x64.exe
AddRemove-{e2803110-78b3-4664-a479-3611a381656a} - c:\programdata\Package Cache\{e2803110-78b3-4664-a479-3611a381656a}\VC_redist.x86.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7b,da,46,71,e2,5f,ed,48,bf,72,bd,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7b,da,46,71,e2,5f,ed,48,bf,72,bd,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_32_0_0_238_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_32_0_0_238_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVAST Software]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2020-08-12 08:18:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2020-08-12 06:18
ComboFix2.txt 2020-08-11 20:42
ComboFix3.txt 2020-08-10 20:58
.
Před spuštěním: Volných bajtů: 425 666 740 224
Po spuštění: Volných bajtů: 425 539 235 840
.
- - End Of File - - 0A155809DFA43C5675FE57F634621AAB
A36C5E4F47E84449FF07ED3517B43A31

