RogueKiller V11.0.9.0 [Jan 24 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : kamca [Práva správce]
Started from : C:\Users\kamca\Desktop\PC VĚCI\RogueKiller.exe
Mód : Smazat -- Datum : 01/27/2016 15:41:20
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 1 ¤¤¤
[PUM.HomePage] HKEY_USERS\S-1-5-21-4212083821-3544417083-1912268888-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.edna.cz/legends-of-tomorrow/videa/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 2 (Driver: Nahrán) ¤¤¤
[SSDT:Inl(Hook.SSDT)] ZwDeleteAtom[99] : C:\Windows\System32\win32k.sys @ 0xffffffff998b7e76 (call dword [0x82f70d14])
[SSDT:Inl(Hook.SSDT)] ZwFlushWriteBuffer[129] : C:\Windows\System32\halmacpi.dll @ 0xffffffff82e1b468 (call dword [0x82e470b4])
¤¤¤ Webové prohlížeče : 3 ¤¤¤
[FIREFX:Addon] jeba2s35.default : YouTube mp3 [info@youtube-mp3.org] -> Smazáno
[FIREFX:Addon] jeba2s35.default : Pin It button [jid1-YcMV6ngYmQRA2w@jetpack] -> Smazáno
[PUM.HomePage][FIREFX:Config] jeba2s35.default : user_pref("browser.startup.homepage", "http://www.pc-help.cz/viewtopic.php?f=70&t=169115&p=1329916#p1329916"); -> Nahrazeno (about:home)
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EALX-009BA0 ATA Device +++++
--- User ---
[MBR] 6986e884cb3b2f28300adee70fd3c2b6
[BSP] da6ca8bfc332d8b697f854e6bb8b6f7c : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: Generic- SD/MMC USB Device +++++
Error reading User MBR! ([15] Zařízení není připraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Požadavek není podporován. )
+++++ PhysicalDrive2: Generic- Compact Flash USB Device +++++
Error reading User MBR! ([15] Zařízení není připraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Požadavek není podporován. )
+++++ PhysicalDrive3: Generic- SM/xD-Picture USB Device +++++
Error reading User MBR! ([15] Zařízení není připraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Požadavek není podporován. )
+++++ PhysicalDrive4: Generic- MS/MS-Pro USB Device +++++
Error reading User MBR! ([15] Zařízení není připraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Požadavek není podporován. )
Please check my log, FF is slow, it freezes.. Task Manager Solved
Re: Please check my log, FF is slow, it freezes.. Task Manager
I'm a noob but I try hard :D
Re: Please check my log, FF is slow, it freezes.. Task Manager
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by kamca on st 27.01.2016 at 16:03:02,23.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\kamca\Desktop\PC VĚCI\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2016-01-27-145411.log 1603 bytes
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\kamca\AppData\Roaming\Mozilla\Firefox\Profiles\jeba2s35.default\prefs.js:
Added to C:\Users\kamca\AppData\Roaming\Mozilla\Firefox\Profiles\jeba2s35.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
C:\Users\kamca\AppData\Roaming\Aegisub deleted
C:\dotNetFx40_Full_x86_x64.exe deleted
C:\windows6.1-KB976932-X86.exe deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\kamca\AppData\Roaming\Mozilla\Firefox\Profiles\jeba2s35.default\Invalidprefs.js deleted
C:\Users\kamca\AppData\Roaming\Mozilla\Firefox\Profiles\jeba2s35.default\jetpack deleted
==== Orphaned Tasks deleted from Registry ======================
Opera N deleted
Opera N Saturday deleted
Opera N Sunday deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\kamca\AppData\Roaming\Mozilla\Firefox\Profiles\jeba2s35.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\kamca\AppData\Roaming\Mozilla\Firefox\Profiles\jeba2s35.default
999A833D87C8CD918B5EE8C3F8149D2B - C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll - Adobe Acrobat
52CE0DBFD9738AE528CF525A0367EBEB - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
E37E8A5C3F0CF5BB90267CCB5099AF96 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION
2760BC5D083565437C6FA22E71C8F7CE - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision
F0E80E561C3F715DB01ACCC97B72463A - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery
1B743D5B6FD001660FAB17DD7C347A38 - c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll - Silverlight Plug-In
A107920551356DAEE665F0884F34D2D7 - C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_286.dll - Shockwave Flash
4F3F6B17B4A5BDB68B3CB0367A2C214E - c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrlui.dll - Microsoft® Silverlight
==== Chromium Look ======================
Avast Online Security - kamca\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
==== Reset Google Chrome ======================
C:\Users\kamca\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\kamca\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\kamca\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\kamca\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
==== Empty IE Cache ======================
C:\Users\kamca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\kamca\AppData\Local\Mozilla\Firefox\Profiles\jeba2s35.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\kamca\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=50 folders=23 628668109 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\kamca\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\kamca\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found
==== EOF on st 27.01.2016 at 16:16:08,65 ======================
I'm a noob but I try hard :D
Re: Please check my log, FF is slow, it freezes.. Task Manager
ComboFix 16-01-24.01 - kamca 27.01.2016 16:22:11.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3319.1982 [GMT 1:00]
Spuštěný z: c:\users\kamca\Desktop\PC VĚCI\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-12-27 do 2016-01-27 )))))))))))))))))))))))))))))))
.
.
2016-01-27 15:27 . 2016-01-27 15:27 -------- d-----w- c:\users\kamca\AppData\Local\temp
2016-01-27 15:27 . 2016-01-27 15:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-01-27 15:14 . 2016-01-27 15:03 24064 ----a-w- c:\windows\zoek-delete.exe
2016-01-27 14:53 . 2016-01-27 14:53 -------- d-----w- c:\users\kamca\AppData\Local\CrashDumps
2016-01-27 14:51 . 2016-01-27 15:12 -------- d-----w- C:\zoek_backup
2016-01-26 11:00 . 2016-01-27 14:16 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-01-26 11:00 . 2016-01-26 11:25 -------- d-----w- c:\programdata\RogueKiller
2016-01-26 07:56 . 2015-11-25 10:43 9014120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5D2C859F-0442-4FD4-87E9-2D159F06988A}\mpengine.dll
2016-01-25 15:25 . 2016-01-25 15:25 -------- d-----w- c:\programdata\Malwarebytes
2016-01-25 15:20 . 2016-01-26 10:41 -------- d-----w- C:\AdwCleaner
2016-01-13 06:06 . 2015-12-30 18:41 65536 ----a-w- c:\windows\system32\TSpkg.dll
2016-01-03 11:40 . 2016-01-13 09:37 -------- d-----w- c:\program files\Microsoft Silverlight
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-01-20 19:47 . 2015-11-20 19:35 796864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-01-20 19:47 . 2015-11-20 19:35 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-12-30 18:40 . 2016-01-13 06:07 251392 ----a-w- c:\windows\system32\schannel.dll
2015-12-02 12:25 . 2015-11-20 19:16 247976 ------w- c:\windows\system32\MpSigStub.exe
2015-11-24 22:48 . 2015-12-01 18:31 91384 ----a-w- c:\windows\system32\NvRtmpStreamer32.dll
2015-11-24 22:48 . 2015-12-01 18:31 1509824 ----a-w- c:\windows\system32\nvspcap.dll
2015-11-24 22:48 . 2015-12-01 18:31 1316000 ----a-w- c:\windows\system32\nvspbridge.dll
2015-11-24 22:48 . 2015-12-01 18:28 69416 ----a-w- c:\windows\system32\nvaudcap32v.dll
2015-11-24 22:48 . 2015-12-01 18:28 44840 ----a-w- c:\windows\system32\drivers\nvvad32v.sys
2015-11-24 22:48 . 2015-12-01 18:28 35984 ----a-w- c:\windows\system32\nvhdap32.dll
2015-11-24 22:48 . 2015-12-01 18:28 170128 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2015-11-24 22:48 . 2015-11-10 01:56 926520 ----a-w- c:\windows\system32\nvhdagenco3220103.dll
2015-11-23 10:42 . 2012-07-17 13:37 24288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-11-21 20:03 . 2015-11-21 20:03 194048 ----a-w- c:\windows\system32\elshyph.dll
2015-11-21 20:03 . 2015-11-21 20:03 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-11-21 20:03 . 2015-11-21 20:03 645120 ----a-w- c:\windows\system32\jsIntl.dll
2015-11-21 20:03 . 2015-11-21 20:03 62464 ----a-w- c:\windows\system32\tdc.ocx
2015-11-21 20:03 . 2015-11-21 20:03 182272 ----a-w- c:\windows\system32\msls31.dll
2015-11-21 20:03 . 2015-11-21 20:03 24576 ----a-w- c:\windows\system32\licmgr10.dll
2015-11-21 20:03 . 2015-11-21 20:03 151552 ----a-w- c:\windows\system32\iexpress.exe
2015-11-21 20:03 . 2015-11-21 20:03 139264 ----a-w- c:\windows\system32\wextract.exe
2015-11-21 20:03 . 2015-11-21 20:03 86016 ----a-w- c:\windows\system32\iesysprep.dll
2015-11-21 20:03 . 2015-11-21 20:03 74240 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-11-21 20:03 . 2015-11-21 20:03 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-11-21 20:03 . 2015-11-21 20:03 36352 ----a-w- c:\windows\system32\imgutil.dll
2015-11-21 20:03 . 2015-11-21 20:03 13312 ----a-w- c:\windows\system32\mshta.exe
2015-11-21 20:03 . 2015-11-21 20:03 111616 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-11-21 20:02 . 2015-11-21 20:02 231424 ----a-w- c:\windows\system32\mswsock.dll
2015-11-21 20:02 . 2015-11-21 20:02 49152 ----a-w- c:\windows\system32\taskhost.exe
2015-11-21 20:00 . 2015-11-21 20:00 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2015-11-21 20:00 . 2015-11-21 20:00 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2015-11-21 20:00 . 2015-11-21 20:00 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 293376 ----a-w- c:\windows\system32\dxgi.dll
2015-11-21 20:00 . 2015-11-21 20:00 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2015-11-21 20:00 . 2015-11-21 20:00 220160 ----a-w- c:\windows\system32\d3d10core.dll
2015-11-21 20:00 . 2015-11-21 20:00 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2015-11-21 20:00 . 2015-11-21 20:00 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2015-11-21 20:00 . 2015-11-21 20:00 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2015-11-21 20:00 . 2015-11-21 20:00 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2015-11-21 20:00 . 2015-11-21 20:00 1080832 ----a-w- c:\windows\system32\d3d10.dll
2015-11-21 20:00 . 2015-11-21 20:00 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-11-21 19:58 . 2015-11-21 19:58 1505280 ----a-w- c:\windows\system32\d3d11.dll
2015-11-20 21:01 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2015-11-20 18:34 . 2015-12-09 05:50 2956800 ----a-w- c:\windows\system32\wucltux.dll
2015-11-20 18:34 . 2015-12-09 05:50 2062848 ----a-w- c:\windows\system32\wuaueng.dll
2015-11-20 18:34 . 2015-12-09 05:50 93696 ----a-w- c:\windows\system32\wudriver.dll
2015-11-20 18:34 . 2015-12-09 05:50 35840 ----a-w- c:\windows\system32\wups2.dll
2015-11-20 18:34 . 2015-12-09 05:50 30208 ----a-w- c:\windows\system32\wups.dll
2015-11-20 18:34 . 2015-12-09 05:50 174080 ----a-w- c:\windows\system32\wuwebv.dll
2015-11-20 18:34 . 2015-12-09 05:50 573440 ----a-w- c:\windows\system32\wuapi.dll
2015-11-20 18:34 . 2015-12-09 05:50 73728 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-11-20 18:33 . 2015-12-09 05:50 11776 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-11-20 18:33 . 2015-12-09 05:50 35328 ----a-w- c:\windows\system32\wuapp.exe
2015-11-20 18:33 . 2015-12-09 05:50 136192 ----a-w- c:\windows\system32\wuauclt.exe
2015-11-11 18:39 . 2015-12-09 05:50 1242624 ----a-w- c:\windows\system32\comsvcs.dll
2015-11-11 18:39 . 2015-12-09 05:50 487936 ----a-w- c:\windows\system32\catsrvut.dll
2015-11-10 18:39 . 2015-12-09 05:50 909824 ----a-w- c:\windows\system32\FntCache.dll
2015-11-10 18:39 . 2015-12-09 05:50 1251328 ----a-w- c:\windows\system32\DWrite.dll
2015-11-10 18:39 . 2015-12-09 05:50 811520 ----a-w- c:\windows\system32\user32.dll
2015-11-10 02:00 . 2015-12-01 18:43 113992 ----a-w- c:\windows\system32\OpenCL.dll
2015-11-10 01:59 . 2015-11-10 01:59 15130520 ----a-w- c:\windows\system32\nvwgf2um.dll
2015-11-10 01:58 . 2015-11-10 01:58 396752 ----a-w- c:\windows\system32\nvumdshim.dll
2015-11-10 01:58 . 2015-11-10 01:58 13535976 ----a-w- c:\windows\system32\nvopencl.dll
2015-11-10 01:58 . 2015-11-10 01:58 18370704 ----a-w- c:\windows\system32\nvoglv32.dll
2015-11-10 01:57 . 2015-11-10 01:57 137240 ----a-w- c:\windows\system32\nvoglshim32.dll
2015-11-10 01:57 . 2015-11-10 01:57 9391248 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2015-11-10 01:57 . 2015-11-10 01:57 164704 ----a-w- c:\windows\system32\nvinit.dll
2015-11-10 01:57 . 2015-11-10 01:57 682824 ----a-w- c:\windows\system32\NvIFR.dll
2015-11-10 01:56 . 2015-11-10 01:56 698000 ----a-w- c:\windows\system32\NvFBC.dll
2015-11-10 01:56 . 2015-11-10 01:56 925512 ----a-w- c:\windows\system32\nvdispgenco3235891.dll
2015-11-10 01:56 . 2015-11-10 01:56 1062032 ----a-w- c:\windows\system32\nvdispco3235891.dll
2015-11-10 01:56 . 2015-11-10 01:56 12779488 ----a-w- c:\windows\system32\nvd3dum.dll
2015-11-10 01:56 . 2015-11-10 01:56 2499216 ----a-w- c:\windows\system32\nvcuvid.dll
2015-11-10 01:56 . 2015-11-10 01:56 12043168 ----a-w- c:\windows\system32\nvcuda.dll
2015-11-10 01:54 . 2015-11-10 01:54 37890888 ----a-w- c:\windows\system32\nvcompiler.dll
2015-11-10 01:54 . 2015-11-10 01:54 3167464 ----a-w- c:\windows\system32\nvapi.dll
2015-11-05 19:02 . 2015-12-09 05:50 14848 ----a-w- c:\windows\system32\wshrm.dll
2015-11-05 19:00 . 2015-12-09 05:50 2048 ----a-w- c:\windows\system32\tzres.dll
2015-11-05 15:05 . 2015-12-01 18:43 3937072 ----a-w- c:\windows\system32\nvcpl.dll
2015-11-05 15:05 . 2015-12-01 18:43 2580088 ----a-w- c:\windows\system32\nvsvc.dll
2015-11-05 15:05 . 2015-12-01 18:43 671352 ----a-w- c:\windows\system32\nvvsvc.exe
2015-11-05 15:05 . 2015-12-01 18:43 61560 ----a-w- c:\windows\system32\nvshext.dll
2015-11-05 15:05 . 2015-12-01 18:43 374904 ----a-w- c:\windows\system32\nvmctray.dll
2015-11-05 15:05 . 2015-12-01 18:43 2554488 ----a-w- c:\windows\system32\nvsvcr.dll
2015-11-05 15:00 . 2015-12-01 18:43 102520 ----a-w- c:\windows\system32\nvStreaming.exe
2015-11-05 09:48 . 2015-12-09 05:50 117760 ----a-w- c:\windows\system32\drivers\rmcast.sys
2015-11-03 18:56 . 2015-12-09 05:50 627712 ----a-w- c:\windows\system32\usp10.dll
2015-11-03 18:55 . 2015-12-09 05:50 179712 ----a-w- c:\windows\system32\els.dll
2015-10-29 17:50 . 2015-11-21 18:13 5120 ----a-w- c:\windows\system32\shimeng.dll
2015-10-29 17:49 . 2015-11-21 18:13 295936 ----a-w- c:\windows\system32\apphelp.dll
2015-10-29 17:49 . 2015-11-21 18:13 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-21 18:13 62464 ----a-w- c:\windows\system32\aelupsvc.dll
2015-10-29 17:49 . 2015-11-21 18:13 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2016-01-18 50615936]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-06-11 10996368]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-11-24 2757424]
"ShadowPlay"="c:\windows\system32\nvspcap.dll" [2015-11-24 1509824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer_For_P2G10]
2015-10-28 03:20 110008 ----a-w- c:\program files\CyberLink\Power2Go10\CLMLSvc_P2G10.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress10]
2015-10-28 03:21 3063224 ----a-w- c:\program files\CyberLink\Power2Go10\Power2GoExpress10.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2016-01-18 22:50 50615936 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2015-07-09 327296]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-12-12 102912]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 642520]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-11-24 922928]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2013-08-27 595968]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-11-24 1872688]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-11-24 4611888]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-11-05 417400]
S3 CLVirtualBus01;CyberLink Virtual CDROM Bus Enumerator;c:\windows\system32\DRIVERS\CLVirtualBus01.sys [2014-11-05 79624]
S3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\TeeDriver.sys [2013-09-16 85464]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-11-24 18736]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2015-11-24 6288688]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2015-11-24 44840]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2014-06-17 718552]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2015-12-18 15:42 286904 ----a-w- c:\program files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Obsah adresáře 'Naplánované úlohy'
.
2016-01-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-20 19:47]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\kamca\AppData\Roaming\Mozilla\Firefox\Profiles\jeba2s35.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2016-01-27 16:28:06
ComboFix-quarantined-files.txt 2016-01-27 15:28
.
Před spuštěním: Volných bajtů: 469 608 759 296
Po spuštění: Volných bajtů: 469 510 356 992
.
- - End Of File - - B11E110139B46297A445677435798D86
A36C5E4F47E84449FF07ED3517B43A31
I'm a noob, but I try hard :D
- jaro3
- member of the Security team
Re: Please check my log, FF is slow, it freezes.. Task Manager
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Code:
ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\Adobe Flash Player Updater.job
Folder::
c:\program files\Skype\Updater
Driver::
SkypeUpdate
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT
Warning: After ComboFix has run and the computer has restarted, Windows may fail to boot, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum
I'm sorry that it's only now again, and thank you
ComboFix 16-01-24.01 - kamca 28.01.2016 9:58.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3319.2349 [GMT 1:00]
Spuštěný z: c:\users\kamca\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\kamca\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
c:\windows\Tasks\Adobe Flash Player Updater.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-12-28 do 2016-01-28 )))))))))))))))))))))))))))))))
.
.
2016-01-28 09:03 . 2016-01-28 09:04 -------- d-----w- c:\users\kamca\AppData\Local\temp
2016-01-28 09:03 . 2016-01-28 09:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-01-28 06:31 . 2016-01-28 06:31 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5D2C859F-0442-4FD4-87E9-2D159F06988A}\offreg.852.dll
2016-01-27 15:14 . 2016-01-27 15:03 24064 ----a-w- c:\windows\zoek-delete.exe
2016-01-27 14:53 . 2016-01-27 14:53 -------- d-----w- c:\users\kamca\AppData\Local\CrashDumps
2016-01-27 14:51 . 2016-01-27 15:12 -------- d-----w- C:\zoek_backup
2016-01-26 11:00 . 2016-01-27 14:16 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-01-26 11:00 . 2016-01-26 11:25 -------- d-----w- c:\programdata\RogueKiller
2016-01-26 07:56 . 2015-11-25 10:43 9014120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5D2C859F-0442-4FD4-87E9-2D159F06988A}\mpengine.dll
2016-01-25 15:25 . 2016-01-25 15:25 -------- d-----w- c:\programdata\Malwarebytes
2016-01-25 15:20 . 2016-01-26 10:41 -------- d-----w- C:\AdwCleaner
2016-01-13 06:06 . 2015-12-30 18:41 65536 ----a-w- c:\windows\system32\TSpkg.dll
2016-01-03 11:40 . 2016-01-13 09:37 -------- d-----w- c:\program files\Microsoft Silverlight
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-01-20 19:47 . 2015-11-20 19:35 796864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-01-20 19:47 . 2015-11-20 19:35 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-12-30 18:40 . 2016-01-13 06:07 251392 ----a-w- c:\windows\system32\schannel.dll
2015-12-02 12:25 . 2015-11-20 19:16 247976 ------w- c:\windows\system32\MpSigStub.exe
2015-11-24 22:48 . 2015-12-01 18:31 91384 ----a-w- c:\windows\system32\NvRtmpStreamer32.dll
2015-11-24 22:48 . 2015-12-01 18:31 1509824 ----a-w- c:\windows\system32\nvspcap.dll
2015-11-24 22:48 . 2015-12-01 18:31 1316000 ----a-w- c:\windows\system32\nvspbridge.dll
2015-11-24 22:48 . 2015-12-01 18:28 69416 ----a-w- c:\windows\system32\nvaudcap32v.dll
2015-11-24 22:48 . 2015-12-01 18:28 44840 ----a-w- c:\windows\system32\drivers\nvvad32v.sys
2015-11-24 22:48 . 2015-12-01 18:28 35984 ----a-w- c:\windows\system32\nvhdap32.dll
2015-11-24 22:48 . 2015-12-01 18:28 170128 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2015-11-24 22:48 . 2015-11-10 01:56 926520 ----a-w- c:\windows\system32\nvhdagenco3220103.dll
2015-11-23 10:42 . 2012-07-17 13:37 24288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-11-21 20:03 . 2015-11-21 20:03 194048 ----a-w- c:\windows\system32\elshyph.dll
2015-11-21 20:03 . 2015-11-21 20:03 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-11-21 20:03 . 2015-11-21 20:03 645120 ----a-w- c:\windows\system32\jsIntl.dll
2015-11-21 20:03 . 2015-11-21 20:03 62464 ----a-w- c:\windows\system32\tdc.ocx
2015-11-21 20:03 . 2015-11-21 20:03 182272 ----a-w- c:\windows\system32\msls31.dll
2015-11-21 20:03 . 2015-11-21 20:03 24576 ----a-w- c:\windows\system32\licmgr10.dll
2015-11-21 20:03 . 2015-11-21 20:03 151552 ----a-w- c:\windows\system32\iexpress.exe
2015-11-21 20:03 . 2015-11-21 20:03 139264 ----a-w- c:\windows\system32\wextract.exe
2015-11-21 20:03 . 2015-11-21 20:03 86016 ----a-w- c:\windows\system32\iesysprep.dll
2015-11-21 20:03 . 2015-11-21 20:03 74240 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-11-21 20:03 . 2015-11-21 20:03 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-11-21 20:03 . 2015-11-21 20:03 36352 ----a-w- c:\windows\system32\imgutil.dll
2015-11-21 20:03 . 2015-11-21 20:03 13312 ----a-w- c:\windows\system32\mshta.exe
2015-11-21 20:03 . 2015-11-21 20:03 111616 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-11-21 20:02 . 2015-11-21 20:02 231424 ----a-w- c:\windows\system32\mswsock.dll
2015-11-21 20:02 . 2015-11-21 20:02 49152 ----a-w- c:\windows\system32\taskhost.exe
2015-11-21 20:00 . 2015-11-21 20:00 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2015-11-21 20:00 . 2015-11-21 20:00 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2015-11-21 20:00 . 2015-11-21 20:00 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 293376 ----a-w- c:\windows\system32\dxgi.dll
2015-11-21 20:00 . 2015-11-21 20:00 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2015-11-21 20:00 . 2015-11-21 20:00 220160 ----a-w- c:\windows\system32\d3d10core.dll
2015-11-21 20:00 . 2015-11-21 20:00 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2015-11-21 20:00 . 2015-11-21 20:00 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2015-11-21 20:00 . 2015-11-21 20:00 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2015-11-21 20:00 . 2015-11-21 20:00 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2015-11-21 20:00 . 2015-11-21 20:00 1080832 ----a-w- c:\windows\system32\d3d10.dll
2015-11-21 20:00 . 2015-11-21 20:00 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-11-21 19:58 . 2015-11-21 19:58 1505280 ----a-w- c:\windows\system32\d3d11.dll
2015-11-20 21:01 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2015-11-20 18:34 . 2015-12-09 05:50 2956800 ----a-w- c:\windows\system32\wucltux.dll
2015-11-20 18:34 . 2015-12-09 05:50 2062848 ----a-w- c:\windows\system32\wuaueng.dll
2015-11-20 18:34 . 2015-12-09 05:50 93696 ----a-w- c:\windows\system32\wudriver.dll
2015-11-20 18:34 . 2015-12-09 05:50 35840 ----a-w- c:\windows\system32\wups2.dll
2015-11-20 18:34 . 2015-12-09 05:50 30208 ----a-w- c:\windows\system32\wups.dll
2015-11-20 18:34 . 2015-12-09 05:50 174080 ----a-w- c:\windows\system32\wuwebv.dll
2015-11-20 18:34 . 2015-12-09 05:50 573440 ----a-w- c:\windows\system32\wuapi.dll
2015-11-20 18:34 . 2015-12-09 05:50 73728 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-11-20 18:33 . 2015-12-09 05:50 11776 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-11-20 18:33 . 2015-12-09 05:50 35328 ----a-w- c:\windows\system32\wuapp.exe
2015-11-20 18:33 . 2015-12-09 05:50 136192 ----a-w- c:\windows\system32\wuauclt.exe
2015-11-11 18:39 . 2015-12-09 05:50 1242624 ----a-w- c:\windows\system32\comsvcs.dll
2015-11-11 18:39 . 2015-12-09 05:50 487936 ----a-w- c:\windows\system32\catsrvut.dll
2015-11-10 18:39 . 2015-12-09 05:50 909824 ----a-w- c:\windows\system32\FntCache.dll
2015-11-10 18:39 . 2015-12-09 05:50 1251328 ----a-w- c:\windows\system32\DWrite.dll
2015-11-10 18:39 . 2015-12-09 05:50 811520 ----a-w- c:\windows\system32\user32.dll
2015-11-10 02:00 . 2015-12-01 18:43 113992 ----a-w- c:\windows\system32\OpenCL.dll
2015-11-10 01:59 . 2015-11-10 01:59 15130520 ----a-w- c:\windows\system32\nvwgf2um.dll
2015-11-10 01:58 . 2015-11-10 01:58 396752 ----a-w- c:\windows\system32\nvumdshim.dll
2015-11-10 01:58 . 2015-11-10 01:58 13535976 ----a-w- c:\windows\system32\nvopencl.dll
2015-11-10 01:58 . 2015-11-10 01:58 18370704 ----a-w- c:\windows\system32\nvoglv32.dll
2015-11-10 01:57 . 2015-11-10 01:57 137240 ----a-w- c:\windows\system32\nvoglshim32.dll
2015-11-10 01:57 . 2015-11-10 01:57 9391248 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2015-11-10 01:57 . 2015-11-10 01:57 164704 ----a-w- c:\windows\system32\nvinit.dll
2015-11-10 01:57 . 2015-11-10 01:57 682824 ----a-w- c:\windows\system32\NvIFR.dll
2015-11-10 01:56 . 2015-11-10 01:56 698000 ----a-w- c:\windows\system32\NvFBC.dll
2015-11-10 01:56 . 2015-11-10 01:56 925512 ----a-w- c:\windows\system32\nvdispgenco3235891.dll
2015-11-10 01:56 . 2015-11-10 01:56 1062032 ----a-w- c:\windows\system32\nvdispco3235891.dll
2015-11-10 01:56 . 2015-11-10 01:56 12779488 ----a-w- c:\windows\system32\nvd3dum.dll
2015-11-10 01:56 . 2015-11-10 01:56 2499216 ----a-w- c:\windows\system32\nvcuvid.dll
2015-11-10 01:56 . 2015-11-10 01:56 12043168 ----a-w- c:\windows\system32\nvcuda.dll
2015-11-10 01:54 . 2015-11-10 01:54 37890888 ----a-w- c:\windows\system32\nvcompiler.dll
2015-11-10 01:54 . 2015-11-10 01:54 3167464 ----a-w- c:\windows\system32\nvapi.dll
2015-11-05 19:02 . 2015-12-09 05:50 14848 ----a-w- c:\windows\system32\wshrm.dll
2015-11-05 19:00 . 2015-12-09 05:50 2048 ----a-w- c:\windows\system32\tzres.dll
2015-11-05 15:05 . 2015-12-01 18:43 3937072 ----a-w- c:\windows\system32\nvcpl.dll
2015-11-05 15:05 . 2015-12-01 18:43 2580088 ----a-w- c:\windows\system32\nvsvc.dll
2015-11-05 15:05 . 2015-12-01 18:43 671352 ----a-w- c:\windows\system32\nvvsvc.exe
2015-11-05 15:05 . 2015-12-01 18:43 61560 ----a-w- c:\windows\system32\nvshext.dll
2015-11-05 15:05 . 2015-12-01 18:43 374904 ----a-w- c:\windows\system32\nvmctray.dll
2015-11-05 15:05 . 2015-12-01 18:43 2554488 ----a-w- c:\windows\system32\nvsvcr.dll
2015-11-05 15:00 . 2015-12-01 18:43 102520 ----a-w- c:\windows\system32\nvStreaming.exe
2015-11-05 09:48 . 2015-12-09 05:50 117760 ----a-w- c:\windows\system32\drivers\rmcast.sys
2015-11-03 18:56 . 2015-12-09 05:50 627712 ----a-w- c:\windows\system32\usp10.dll
2015-11-03 18:55 . 2015-12-09 05:50 179712 ----a-w- c:\windows\system32\els.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2016-01-18 50615936]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-06-11 10996368]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-11-24 2757424]
"ShadowPlay"="c:\windows\system32\nvspcap.dll" [2015-11-24 1509824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer_For_P2G10]
2015-10-28 03:20 110008 ----a-w- c:\program files\CyberLink\Power2Go10\CLMLSvc_P2G10.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress10]
2015-10-28 03:21 3063224 ----a-w- c:\program files\CyberLink\Power2Go10\Power2GoExpress10.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2016-01-18 22:50 50615936 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-12-12 102912]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 642520]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-11-24 922928]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2013-08-27 595968]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-11-24 1872688]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-11-24 4611888]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-11-05 417400]
S3 CLVirtualBus01;CyberLink Virtual CDROM Bus Enumerator;c:\windows\system32\DRIVERS\CLVirtualBus01.sys [2014-11-05 79624]
S3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\TeeDriver.sys [2013-09-16 85464]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-11-24 18736]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2015-11-24 6288688]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2015-11-24 44840]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2014-06-17 718552]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2015-12-18 15:42 286904 ----a-w- c:\program files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\kamca\AppData\Roaming\Mozilla\Firefox\Profiles\jeba2s35.default\
FF - prefs.js: browser.startup.homepage - hxxps://psychosomatika.cz/kontakty/
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\GWX\GWX.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2016-01-28 10:07:02 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-01-28 09:07
ComboFix2.txt 2016-01-27 15:28
.
Před spuštěním: Volných bajtů: 468 434 804 736
Po spuštění: Volných bajtů: 467 954 372 608
.
- - End Of File - - 676D4BEB35CA349802E774169A6D8D50
A36C5E4F47E84449FF07ED3517B43A31
I'm a noob, but I try hard :D
I apologize that it's only now, again, and thank you
ComboFix 16-01-24.01 - kamca 28.01.2016 9:58.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3319.2349 [GMT 1:00]
Spuštěný z: c:\users\kamca\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\kamca\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
c:\windows\Tasks\Adobe Flash Player Updater.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-12-28 do 2016-01-28 )))))))))))))))))))))))))))))))
.
.
2016-01-28 09:03 . 2016-01-28 09:04 -------- d-----w- c:\users\kamca\AppData\Local\temp
2016-01-28 09:03 . 2016-01-28 09:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-01-28 06:31 . 2016-01-28 06:31 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5D2C859F-0442-4FD4-87E9-2D159F06988A}\offreg.852.dll
2016-01-27 15:14 . 2016-01-27 15:03 24064 ----a-w- c:\windows\zoek-delete.exe
2016-01-27 14:53 . 2016-01-27 14:53 -------- d-----w- c:\users\kamca\AppData\Local\CrashDumps
2016-01-27 14:51 . 2016-01-27 15:12 -------- d-----w- C:\zoek_backup
2016-01-26 11:00 . 2016-01-27 14:16 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-01-26 11:00 . 2016-01-26 11:25 -------- d-----w- c:\programdata\RogueKiller
2016-01-26 07:56 . 2015-11-25 10:43 9014120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5D2C859F-0442-4FD4-87E9-2D159F06988A}\mpengine.dll
2016-01-25 15:25 . 2016-01-25 15:25 -------- d-----w- c:\programdata\Malwarebytes
2016-01-25 15:20 . 2016-01-26 10:41 -------- d-----w- C:\AdwCleaner
2016-01-13 06:06 . 2015-12-30 18:41 65536 ----a-w- c:\windows\system32\TSpkg.dll
2016-01-03 11:40 . 2016-01-13 09:37 -------- d-----w- c:\program files\Microsoft Silverlight
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-01-20 19:47 . 2015-11-20 19:35 796864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-01-20 19:47 . 2015-11-20 19:35 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-12-30 18:40 . 2016-01-13 06:07 251392 ----a-w- c:\windows\system32\schannel.dll
2015-12-02 12:25 . 2015-11-20 19:16 247976 ------w- c:\windows\system32\MpSigStub.exe
2015-11-24 22:48 . 2015-12-01 18:31 91384 ----a-w- c:\windows\system32\NvRtmpStreamer32.dll
2015-11-24 22:48 . 2015-12-01 18:31 1509824 ----a-w- c:\windows\system32\nvspcap.dll
2015-11-24 22:48 . 2015-12-01 18:31 1316000 ----a-w- c:\windows\system32\nvspbridge.dll
2015-11-24 22:48 . 2015-12-01 18:28 69416 ----a-w- c:\windows\system32\nvaudcap32v.dll
2015-11-24 22:48 . 2015-12-01 18:28 44840 ----a-w- c:\windows\system32\drivers\nvvad32v.sys
2015-11-24 22:48 . 2015-12-01 18:28 35984 ----a-w- c:\windows\system32\nvhdap32.dll
2015-11-24 22:48 . 2015-12-01 18:28 170128 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2015-11-24 22:48 . 2015-11-10 01:56 926520 ----a-w- c:\windows\system32\nvhdagenco3220103.dll
2015-11-23 10:42 . 2012-07-17 13:37 24288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-11-21 20:03 . 2015-11-21 20:03 194048 ----a-w- c:\windows\system32\elshyph.dll
2015-11-21 20:03 . 2015-11-21 20:03 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-11-21 20:03 . 2015-11-21 20:03 645120 ----a-w- c:\windows\system32\jsIntl.dll
2015-11-21 20:03 . 2015-11-21 20:03 62464 ----a-w- c:\windows\system32\tdc.ocx
2015-11-21 20:03 . 2015-11-21 20:03 182272 ----a-w- c:\windows\system32\msls31.dll
2015-11-21 20:03 . 2015-11-21 20:03 24576 ----a-w- c:\windows\system32\licmgr10.dll
2015-11-21 20:03 . 2015-11-21 20:03 151552 ----a-w- c:\windows\system32\iexpress.exe
2015-11-21 20:03 . 2015-11-21 20:03 139264 ----a-w- c:\windows\system32\wextract.exe
2015-11-21 20:03 . 2015-11-21 20:03 86016 ----a-w- c:\windows\system32\iesysprep.dll
2015-11-21 20:03 . 2015-11-21 20:03 74240 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-11-21 20:03 . 2015-11-21 20:03 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-11-21 20:03 . 2015-11-21 20:03 36352 ----a-w- c:\windows\system32\imgutil.dll
2015-11-21 20:03 . 2015-11-21 20:03 13312 ----a-w- c:\windows\system32\mshta.exe
2015-11-21 20:03 . 2015-11-21 20:03 111616 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-11-21 20:02 . 2015-11-21 20:02 231424 ----a-w- c:\windows\system32\mswsock.dll
2015-11-21 20:02 . 2015-11-21 20:02 49152 ----a-w- c:\windows\system32\taskhost.exe
2015-11-21 20:00 . 2015-11-21 20:00 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2015-11-21 20:00 . 2015-11-21 20:00 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2015-11-21 20:00 . 2015-11-21 20:00 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 293376 ----a-w- c:\windows\system32\dxgi.dll
2015-11-21 20:00 . 2015-11-21 20:00 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-11-21 20:00 . 2015-11-21 20:00 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2015-11-21 20:00 . 2015-11-21 20:00 220160 ----a-w- c:\windows\system32\d3d10core.dll
2015-11-21 20:00 . 2015-11-21 20:00 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2015-11-21 20:00 . 2015-11-21 20:00 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2015-11-21 20:00 . 2015-11-21 20:00 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2015-11-21 20:00 . 2015-11-21 20:00 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2015-11-21 20:00 . 2015-11-21 20:00 1080832 ----a-w- c:\windows\system32\d3d10.dll
2015-11-21 20:00 . 2015-11-21 20:00 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-11-21 19:58 . 2015-11-21 19:58 1505280 ----a-w- c:\windows\system32\d3d11.dll
2015-11-20 21:01 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2015-11-20 18:34 . 2015-12-09 05:50 2956800 ----a-w- c:\windows\system32\wucltux.dll
2015-11-20 18:34 . 2015-12-09 05:50 2062848 ----a-w- c:\windows\system32\wuaueng.dll
2015-11-20 18:34 . 2015-12-09 05:50 93696 ----a-w- c:\windows\system32\wudriver.dll
2015-11-20 18:34 . 2015-12-09 05:50 35840 ----a-w- c:\windows\system32\wups2.dll
2015-11-20 18:34 . 2015-12-09 05:50 30208 ----a-w- c:\windows\system32\wups.dll
2015-11-20 18:34 . 2015-12-09 05:50 174080 ----a-w- c:\windows\system32\wuwebv.dll
2015-11-20 18:34 . 2015-12-09 05:50 573440 ----a-w- c:\windows\system32\wuapi.dll
2015-11-20 18:34 . 2015-12-09 05:50 73728 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-11-20 18:33 . 2015-12-09 05:50 11776 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-11-20 18:33 . 2015-12-09 05:50 35328 ----a-w- c:\windows\system32\wuapp.exe
2015-11-20 18:33 . 2015-12-09 05:50 136192 ----a-w- c:\windows\system32\wuauclt.exe
2015-11-11 18:39 . 2015-12-09 05:50 1242624 ----a-w- c:\windows\system32\comsvcs.dll
2015-11-11 18:39 . 2015-12-09 05:50 487936 ----a-w- c:\windows\system32\catsrvut.dll
2015-11-10 18:39 . 2015-12-09 05:50 909824 ----a-w- c:\windows\system32\FntCache.dll
2015-11-10 18:39 . 2015-12-09 05:50 1251328 ----a-w- c:\windows\system32\DWrite.dll
2015-11-10 18:39 . 2015-12-09 05:50 811520 ----a-w- c:\windows\system32\user32.dll
2015-11-10 02:00 . 2015-12-01 18:43 113992 ----a-w- c:\windows\system32\OpenCL.dll
2015-11-10 01:59 . 2015-11-10 01:59 15130520 ----a-w- c:\windows\system32\nvwgf2um.dll
2015-11-10 01:58 . 2015-11-10 01:58 396752 ----a-w- c:\windows\system32\nvumdshim.dll
2015-11-10 01:58 . 2015-11-10 01:58 13535976 ----a-w- c:\windows\system32\nvopencl.dll
2015-11-10 01:58 . 2015-11-10 01:58 18370704 ----a-w- c:\windows\system32\nvoglv32.dll
2015-11-10 01:57 . 2015-11-10 01:57 137240 ----a-w- c:\windows\system32\nvoglshim32.dll
2015-11-10 01:57 . 2015-11-10 01:57 9391248 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2015-11-10 01:57 . 2015-11-10 01:57 164704 ----a-w- c:\windows\system32\nvinit.dll
2015-11-10 01:57 . 2015-11-10 01:57 682824 ----a-w- c:\windows\system32\NvIFR.dll
2015-11-10 01:56 . 2015-11-10 01:56 698000 ----a-w- c:\windows\system32\NvFBC.dll
2015-11-10 01:56 . 2015-11-10 01:56 925512 ----a-w- c:\windows\system32\nvdispgenco3235891.dll
2015-11-10 01:56 . 2015-11-10 01:56 1062032 ----a-w- c:\windows\system32\nvdispco3235891.dll
2015-11-10 01:56 . 2015-11-10 01:56 12779488 ----a-w- c:\windows\system32\nvd3dum.dll
2015-11-10 01:56 . 2015-11-10 01:56 2499216 ----a-w- c:\windows\system32\nvcuvid.dll
2015-11-10 01:56 . 2015-11-10 01:56 12043168 ----a-w- c:\windows\system32\nvcuda.dll
2015-11-10 01:54 . 2015-11-10 01:54 37890888 ----a-w- c:\windows\system32\nvcompiler.dll
2015-11-10 01:54 . 2015-11-10 01:54 3167464 ----a-w- c:\windows\system32\nvapi.dll
2015-11-05 19:02 . 2015-12-09 05:50 14848 ----a-w- c:\windows\system32\wshrm.dll
2015-11-05 19:00 . 2015-12-09 05:50 2048 ----a-w- c:\windows\system32\tzres.dll
2015-11-05 15:05 . 2015-12-01 18:43 3937072 ----a-w- c:\windows\system32\nvcpl.dll
2015-11-05 15:05 . 2015-12-01 18:43 2580088 ----a-w- c:\windows\system32\nvsvc.dll
2015-11-05 15:05 . 2015-12-01 18:43 671352 ----a-w- c:\windows\system32\nvvsvc.exe
2015-11-05 15:05 . 2015-12-01 18:43 61560 ----a-w- c:\windows\system32\nvshext.dll
2015-11-05 15:05 . 2015-12-01 18:43 374904 ----a-w- c:\windows\system32\nvmctray.dll
2015-11-05 15:05 . 2015-12-01 18:43 2554488 ----a-w- c:\windows\system32\nvsvcr.dll
2015-11-05 15:00 . 2015-12-01 18:43 102520 ----a-w- c:\windows\system32\nvStreaming.exe
2015-11-05 09:48 . 2015-12-09 05:50 117760 ----a-w- c:\windows\system32\drivers\rmcast.sys
2015-11-03 18:56 . 2015-12-09 05:50 627712 ----a-w- c:\windows\system32\usp10.dll
2015-11-03 18:55 . 2015-12-09 05:50 179712 ----a-w- c:\windows\system32\els.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2016-01-18 50615936]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-06-11 10996368]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-11-24 2757424]
"ShadowPlay"="c:\windows\system32\nvspcap.dll" [2015-11-24 1509824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer_For_P2G10]
2015-10-28 03:20 110008 ----a-w- c:\program files\CyberLink\Power2Go10\CLMLSvc_P2G10.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress10]
2015-10-28 03:21 3063224 ----a-w- c:\program files\CyberLink\Power2Go10\Power2GoExpress10.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2016-01-18 22:50 50615936 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-12-12 102912]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 642520]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-11-24 922928]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2013-08-27 595968]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-11-24 1872688]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-11-24 4611888]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-11-05 417400]
S3 CLVirtualBus01;CyberLink Virtual CDROM Bus Enumerator;c:\windows\system32\DRIVERS\CLVirtualBus01.sys [2014-11-05 79624]
S3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\TeeDriver.sys [2013-09-16 85464]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-11-24 18736]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2015-11-24 6288688]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2015-11-24 44840]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2014-06-17 718552]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2015-12-18 15:42 286904 ----a-w- c:\program files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\kamca\AppData\Roaming\Mozilla\Firefox\Profiles\jeba2s35.default\
FF - prefs.js: browser.startup.homepage - hxxps://psychosomatika.cz/kontakty/
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\GWX\GWX.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2016-01-28 10:07:02 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-01-28 09:07
ComboFix2.txt 2016-01-27 15:28
.
Před spuštěním: Volných bajtů: 468 434 804 736
Po spuštění: Volných bajtů: 467 954 372 608
.
- - End Of File - - 676D4BEB35CA349802E774169A6D8D50
A36C5E4F47E84449FF07ED3517B43A31
I'm a noob, but I try hard :D
Do you know what or who this is?
jeba2s35
I spotted it in the log I just posted here, thanks? If it's not important, fine, but if it's some user on my PC, I should know about it?
Oh, and great, you know what my home page is
Good thing it isn't something else, something very pretty, say naked and the like.... I'd be curious whether you've ever come across that? ...

Re: Please check my log, FF is slow, it freezes.. task manager
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:28:56, on 28.1.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18163)
FIREFOX: 44.0 (x86 cs)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\Explorer.exe
C:\Users\kamca\Desktop\PC VĚCI\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [ShadowPlay] "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 4420 bytes
Re: Please check my log, FF is slow, it freezes.. task manager
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-01-28 10:36:54
-----------------------------
10:36:54.749 OS Version: Windows 6.1.7601 Service Pack 1
10:36:54.749 Number of processors: 2 586 0x2A07
10:36:54.750 ComputerName: PKSZABOVI UserName: kamca
10:37:19.501 Initialize success
10:37:19.532 VM: initialized successfully
10:37:19.532 VM: Intel CPU supported
10:37:22.388 VM: supported disk I/O ataport.SYS
10:37:45.369 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:37:45.369 Disk 0 Vendor: WDC_WD10EALX-009BA0 15.01H15 Size: 953869MB BusType: 11
10:37:45.462 VM: Disk 0 MBR read successfully
10:37:45.478 Disk 0 MBR scan
10:37:45.478 Disk 0 Windows 7 default MBR code
10:37:45.478 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
10:37:45.478 Disk 0 Boot: NTFS code=2
10:37:45.493 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
10:37:45.509 Disk 0 scanning sectors +1953521664
10:37:45.556 Disk 0 scanning C:\Windows\system32\drivers
10:37:49.331 Service scanning
10:37:58.364 Modules scanning
10:37:58.364 Disk 0 trace - called modules:
10:37:58.379 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys
10:37:58.395 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x863a1360]
10:37:58.395 3 CLASSPNP.SYS[8bf8759e] -> nt!IofCallDriver -> [0x85efd368]
10:37:58.395 5 ACPI.sys[8ba3a3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85eea030]
10:37:58.410 Disk 0 statistics 75143/0/274 @ 10,27 MB/s
10:37:58.410 Scan finished successfully
10:38:06.054 Disk 0 MBR has been saved successfully to "C:\Users\kamca\Desktop\PC VĚCI\MBR.dat"
10:38:06.070 The log file has been saved successfully to "C:\Users\kamca\Desktop\PC VĚCI\aswMBR.txt"
I'm a noob, but I try hard :D
- Orcus
- member of the Security team
Re: Please check my log, FF is slow, freezes... Task Manager
jeba2s35 is a randomly generated string of characters that hides the Firefox user profile.
Re the home page: we are not here to judge anyone or form opinions.
ComboFix is uninstalled like this:
Start > Run and type ComboFix /Uninstall
====================================================
Clean the system with CCleaner
====================================================
Download DelFix here
http://general-changelog-team.fr/fr/dow ... e/9-delfix
and save the file to your desktop.
Double-click the icon to run the Delfix.exe tool
(In Windows Vista, Windows 7 and 8 you must start the file by right-clicking it -> Run as administrator.)
In the main menu, check these options: Remove desinfection tools and Purge System Restore.
Then click the Run button and let the tool do its work.
A report (DelFix.txt) will then open. Paste its entire contents here. Otherwise the report is located here: C:\DelFix.txt
How are the problems?
Love keeps you warm, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it into several messages.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.
Re: Please check my log, FF is slow, freezes... Task Manager
# DelFix v1.011 - Logfile created 29/01/2016 at 09:01:56
# Updated 18/08/2015 by Xplode
# Username : kamca - PKSZABOVI
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
~ Removing disinfection tools ...
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\ComboFix.txt
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2016-01-27-145411.log
Deleted : C:\Users\kamca\Desktop\JRT.txt
Deleted : C:\Users\kamca\Downloads\ZHPCleaner.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR
~ Cleaning system restore ...
Deleted : RP #55 [ComboFix created restore point | 01/29/2016 08:00:24]
New restore point created !
########## - EOF - ##########
Eureka!
Hi, it looks like everything is fine, the edna videos play, it no longer freezes and I don't need the Task Manager, and that ComboFix /Uninstall way of removing ComboFix is good, I must remember it, those are neat tricks.
You are very kind and skilled, and may I ask one more thing: I like this add-on, won't it make a mess of my PC again?
https://addons.mozilla.org/cs/firefox/a ... p3/?src=ss
Thanks, Kamča. I can change my nick, now that you know from the log that the PC administrator is called Kamča and not KamilaS :))