
Problem with the RPCRT4.dll library

il.mateji
Visitor
Posts: 50
Registered: 03 Sep 2017 12:30
Location: Č.Budějovice-ČR

Problem with the RPCRT4.dll library

#1 Post by il.mateji »

Hello,
since 15.3.2018 an error (screenshot) has been appearing at startup in some applications (of the few I use, so far I know of paint.net (photoshop) and GTAV (game)). After confirming by pressing "OK", the application keeps running and I have not noticed any changes/errors in them.
The little I found on the internet did not help me get to the bottom of it, but I did not interfere with anything, I only read opinions and forums about it (zive.cz/poradna, solvusoft.com).
I thought I would also try asking here whether you have encountered this (or a similar) problem, before I make some stupid mistake based on a random internet forum.
Attachment: rpcrt4-chyba.jpg (53.4 KiB)


Re: Problem with the RPCRT4.dll library

#2 Post by il.mateji »

FRST log (Addition attached):

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Alternativa (administrator) on PC-PC (28-03-2018 14:15:14)
Running from C:\Users\Alternativa\Desktop
Loaded Profiles: Alternativa (Available Profiles: PC & Alternativa)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(forum.viry.cz) C:\Users\Alternativa\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2015-01-14] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ShadowPlay] => "C:\windows\system32\rundll32.exe" C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [ASUS TP Center (x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe [235488 2012-07-14] (AsusTek)
HKLM\...\Run: [ASUS Quick Gesture (x86)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [17376 2012-07-14] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ASUS Quick Gesture (x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [19424 2012-07-14] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2319536 2011-10-19] (ASUS)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-07] (Intel Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2014-10-08] (Power Software Ltd)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-02-23] (ASUSTek Computer Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-720473701-4286339666-290851041-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3198752 2018-03-27] (Valve Corporation)
HKU\S-1-5-21-720473701-4286339666-290851041-1002\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-05-20] (NVIDIA Corporation)
AppInit_DLLs: ,C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [177952 2016-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155768 2016-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: ,C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [155768 2016-05-20] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{1C2FA7DC-D0A1-419A-89B8-A04D279CF579}: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{580F81EA-D1D4-42B1-A5E4-DB4FB76F1B37}: [DhcpNameServer] 10.255.255.10 10.255.255.20

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-720473701-4286339666-290851041-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-720473701-4286339666-290851041-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
SearchScopes: HKU\S-1-5-21-720473701-4286339666-290851041-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: ASUS Browser Extension x64 -> {78234974-0C4B-4111-BDEB-D9A104418772} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll [2012-07-14] (ASUSTeK Computer Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-18] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: ASUS Browser Extension x86 -> {78234974-0C4B-4111-BDEB-D9A104418771} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll [2012-07-14] (ASUSTeK Computer Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-18] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)

FireFox:
========
FF DefaultProfile: l0i5civt.default-1452523124673-1515193756700
FF ProfilePath: C:\Users\Alternativa\AppData\Roaming\Mozilla\Firefox\Profiles\l0i5civt.default-1452523124673-1515193756700 [2018-03-28]
FF Extension: (TLS 1.3 gradual roll-out) - C:\Users\Alternativa\AppData\Roaming\Mozilla\Firefox\Profiles\l0i5civt.default-1452523124673-1515193756700\features\{a49d678c-d9e0-4e0b-b409-4d58b897d48b}\tls13-rollout-bug1442042@mozilla.org.xpi [2018-03-28] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016-03-02] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF HKU\S-1-5-21-720473701-4286339666-290851041-1002\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll [2018-03-13] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_113.dll [2018-03-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-13] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)

Chrome:
=======
CHR HKU\S-1-5-21-720473701-4286339666-290851041-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S3 EasyAntiCheat; C:\windows\SysWOW64\EasyAntiCheat.exe [409128 2017-03-01] (EasyAntiCheat Ltd)
S3 GSService; C:\windows\SysWOW64\GSService.exe [444640 2014-07-28] ()
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-02-19] (Hi-Rez Studios) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-05-10] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-05-11] (Intel Corporation)
S3 mracsvc; C:\windows\System32\mracsvc.exe [8010968 2018-01-18] (LLC Mail.Ru)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [521064 2018-01-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [521064 2018-01-10] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
S3 NvStreamNetworkSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" [X]
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-01-31] (ASUSTek Computer Inc.)
U5 AppMgmt; C:\windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 AsusVBus; C:\windows\System32\DRIVERS\AsusVBus.sys [35968 2012-07-14] (Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\windows\System32\DRIVERS\AsusVTouch.sys [19104 2012-07-14] (ASUS)
R3 ATP; C:\windows\System32\DRIVERS\AsusTP.sys [49824 2012-07-14] (ASUS Corporation)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R1 MpKsl21fdb3f4; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2F58C5C7-888A-4F83-8606-FDAF20380B64}\MpKsl21fdb3f4.sys [58120 2018-03-28] (Microsoft Corporation)
S3 mracdrv; C:\windows\System32\drivers\mracdrv.sys [7238880 2018-01-18] (LLC Mail.Ru)
S3 NisDrv; C:\windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [32104 2018-01-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\System32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\windows\System32\DRIVERS\nvvhci.sys [59752 2018-01-10] (NVIDIA Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-28 14:15 - 2018-03-28 14:15 - 000020613 _____ C:\Users\Alternativa\Desktop\FRST.txt
2018-03-28 14:14 - 2018-03-28 14:15 - 000000000 ____D C:\FRST
2018-03-28 14:12 - 2018-03-28 14:12 - 000112640 _____ (forum.viry.cz) C:\Users\Alternativa\Desktop\FRSTLauncher.exe
2018-03-28 14:07 - 2018-03-28 14:07 - 002403328 _____ (Farbar) C:\Users\Alternativa\Desktop\FRST64.exe
2018-03-26 11:47 - 2018-03-26 12:15 - 000000451 _____ C:\Users\Alternativa\Desktop\bardon-chyby.txt
2018-03-22 13:44 - 2018-03-22 13:44 - 000000000 ____D C:\Users\Alternativa\AppData\Roaming\The Creative Assembly
2018-03-22 12:43 - 2018-03-22 12:43 - 000000000 ____D C:\ProgramData\Wargaming.net
2018-03-17 14:10 - 2018-03-17 14:10 - 000478078 _____ C:\Users\Alternativa\Documents\RD_Ilcik_dispozice.pdf
2018-03-13 18:36 - 2018-03-13 18:36 - 000004534 _____ C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-03-08 11:24 - 2018-03-08 11:24 - 000003814 _____ C:\windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:24 - 2018-03-08 11:24 - 000003798 _____ C:\windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:23 - 2018-03-08 11:23 - 000004146 _____ C:\windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:22 - 2018-03-08 11:22 - 000003738 _____ C:\windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:22 - 2018-03-08 11:22 - 000003738 _____ C:\windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:22 - 2018-03-08 11:22 - 000003730 _____ C:\windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:22 - 2018-03-08 11:22 - 000003554 _____ C:\windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:22 - 2018-03-08 11:22 - 000003494 _____ C:\windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:22 - 2018-01-10 16:05 - 000059752 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvhci.sys
2018-03-08 11:22 - 2018-01-10 11:41 - 000001951 _____ C:\windows\NvTelemetryContainerRecovery.bat
2018-03-08 11:22 - 2017-12-15 04:03 - 000059240 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2018-03-08 11:22 - 2017-12-13 21:25 - 000001951 _____ C:\windows\NvContainerRecovery.bat
2018-03-06 22:30 - 2018-03-06 22:30 - 000000000 ____D C:\Users\Alternativa\ansel
2018-03-05 21:18 - 2018-03-07 23:51 - 000000000 ____D C:\ProgramData\ASUS
2018-03-05 21:18 - 2018-03-05 21:18 - 000000000 ____D C:\Users\Alternativa\Documents\ASUS

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-28 13:07 - 2016-11-16 17:16 - 000000000 ____D C:\Users\Alternativa\AppData\LocalLow\Mozilla
2018-03-28 12:48 - 2009-07-14 06:45 - 000018512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-28 12:48 - 2009-07-14 06:45 - 000018512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-28 12:40 - 2016-10-07 18:12 - 000000000 ____D C:\Program Files (x86)\Steam
2018-03-28 12:40 - 2009-07-14 04:34 - 000000545 _____ C:\windows\win.ini
2018-03-28 12:39 - 2015-06-27 14:31 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-28 12:39 - 2015-03-06 22:28 - 000000380 _____ C:\Users\Alternativa\AppData\Roaming\sp_data.sys
2018-03-28 09:51 - 2011-02-19 07:36 - 000668792 _____ C:\windows\system32\perfh005.dat
2018-03-28 09:51 - 2011-02-19 07:36 - 000141420 _____ C:\windows\system32\perfc005.dat
2018-03-28 09:51 - 2009-07-14 07:13 - 001583226 _____ C:\windows\system32\PerfStringBackup.INI
2018-03-28 09:51 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf
2018-03-28 09:46 - 2016-10-07 21:31 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-03-28 09:45 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-03-26 23:18 - 2016-11-16 16:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-03-26 23:18 - 2015-01-14 15:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-26 23:16 - 2017-09-03 16:50 - 000000000 ____D C:\AdwCleaner
2018-03-25 22:01 - 2015-06-06 19:38 - 000000000 ____D C:\Users\Alternativa\AppData\Local\NVIDIA
2018-03-25 21:59 - 2015-03-06 22:28 - 000000000 ____D C:\Users\Alternativa
2018-03-25 21:14 - 2016-12-10 17:05 - 000007597 _____ C:\Users\Alternativa\AppData\Local\resmon.resmoncfg
2018-03-25 20:58 - 2016-05-28 12:02 - 000000000 ____D C:\windows\SysWOW64\NV
2018-03-25 20:58 - 2016-05-28 12:02 - 000000000 ____D C:\windows\system32\NV
2018-03-25 20:58 - 2015-01-07 20:57 - 000000000 ___HD C:\windows\system32\WLANProfiles
2018-03-25 20:58 - 2015-01-07 13:02 - 000000000 ____D C:\Users\PC
2018-03-25 20:57 - 2015-06-06 19:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-03-25 20:57 - 2015-01-07 21:01 - 000000000 ____D C:\ProgramData\P4G
2018-03-25 20:57 - 2015-01-07 20:49 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-03-25 20:57 - 2015-01-07 20:49 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-03-25 20:57 - 2009-07-14 05:20 - 000000000 ____D C:\windows\Help
2018-03-25 20:57 - 2009-07-14 05:20 - 000000000 ____D C:\windows\AppCompat
2018-03-25 20:55 - 2009-07-14 05:20 - 000000000 ____D C:\windows\registration
2018-03-25 20:53 - 2015-01-07 20:49 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-03-25 20:33 - 2017-10-13 20:05 - 000000000 ____D C:\Users\Alternativa\AppData\Local\CrashDumps
2018-03-23 12:32 - 2016-11-19 19:08 - 000000000 ____D C:\Users\Alternativa\Documents\Elder Scrolls Online
2018-03-23 10:58 - 2016-03-02 16:50 - 000000000 ____D C:\Users\Alternativa\Documents\Moje naskenované obrázky
2018-03-22 13:44 - 2017-08-01 20:48 - 000000000 ____D C:\Users\Alternativa\AppData\Roaming\EasyAntiCheat
2018-03-22 12:46 - 2015-06-06 19:21 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-03-22 12:45 - 2015-11-16 18:20 - 000000000 ____D C:\Games
2018-03-21 12:05 - 2017-12-09 23:19 - 000044984 _____ C:\Users\Alternativa\Desktop\epd.xlsx
2018-03-20 16:12 - 2016-11-26 12:22 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Mozilla
2018-03-19 17:40 - 2015-01-07 13:02 - 000000380 _____ C:\Users\PC\AppData\Roaming\sp_data.sys
2018-03-16 15:29 - 2009-07-14 05:20 - 000000000 ____D C:\windows\system32\NDF
2018-03-15 22:20 - 2016-04-12 22:55 - 000000000 ____D C:\Users\Alternativa\Desktop\Favi
2018-03-13 19:28 - 2015-03-07 11:34 - 000004087 _____ C:\Users\Alternativa\Desktop\citaty.txt
2018-03-13 18:36 - 2013-02-23 09:37 - 000804352 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-03-13 18:36 - 2013-02-23 09:37 - 000144896 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-13 18:36 - 2013-02-23 09:37 - 000004312 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-03-13 18:36 - 2013-02-23 09:37 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-03-13 18:36 - 2013-02-23 09:37 - 000000000 ____D C:\windows\system32\Macromed
2018-03-10 06:30 - 2015-06-11 10:00 - 000000000 ____D C:\Users\PC\AppData\Local\NVIDIA Corporation
2018-03-08 19:22 - 2013-02-23 09:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2018-03-08 19:22 - 2013-02-23 09:45 - 000000000 ____D C:\Program Files (x86)\ASUS
2018-03-08 18:16 - 2015-01-07 21:01 - 000002075 _____ C:\windows\system32\ServiceFilter.ini
2018-03-08 00:04 - 2015-01-14 18:13 - 000000000 ____D C:\Program Files\Elantech
2018-03-08 00:02 - 2016-11-19 18:30 - 000000000 ____D C:\windows\jre
2018-03-08 00:01 - 2016-11-19 18:30 - 000000000 ____D C:\Users\Alternativa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls Online
2018-03-08 00:01 - 2015-05-09 22:28 - 000000000 ____D C:\Users\Alternativa\AppData\Local\Activision
2018-03-08 00:00 - 2015-01-07 20:45 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-03-08 00:00 - 2015-01-07 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2018-03-08 00:00 - 2015-01-07 12:15 - 000000000 ____D C:\Program Files (x86)\CyberLink
2018-03-08 00:00 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-03-07 23:51 - 2015-03-06 22:28 - 000000000 ____D C:\Users\Alternativa\AppData\Local\ASUS
2018-03-07 23:50 - 2016-05-28 12:02 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-03-07 23:19 - 2015-01-07 12:15 - 000000000 ____D C:\ProgramData\Temp
2018-03-07 22:17 - 2015-06-06 19:38 - 000000000 ____D C:\Users\Alternativa\AppData\Local\NVIDIA Corporation
2018-03-07 11:30 - 2017-09-20 21:07 - 000000000 ____D C:\Users\Alternativa\AppData\Roaming\MPC-HC
2018-03-06 22:47 - 2017-09-03 12:14 - 000000000 ____D C:\Users\Alternativa\AppData\Local\Google
2018-03-06 22:45 - 2017-09-03 12:14 - 000000000 ____D C:\Program Files (x86)\Google
2018-03-06 18:51 - 2015-12-20 19:01 - 000000000 ____D C:\Users\Alternativa\AppData\Roaming\NVIDIA
2018-02-27 09:43 - 2015-06-23 09:43 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task

==================== Files in the root of some directories =======

2009-07-29 07:21 - 2009-07-28 20:31 - 000000223 _____ () C:\ProgramData\setwallpaper.cmd
2017-03-19 02:28 - 2017-09-03 08:50 - 000000097 _____ () C:\Users\Alternativa\AppData\Roaming\LauncherSettings_live.cfg
2015-03-06 22:28 - 2018-03-28 12:39 - 000000380 _____ () C:\Users\Alternativa\AppData\Roaming\sp_data.sys
2017-03-19 02:43 - 2017-08-06 08:35 - 000000042 _____ () C:\Users\Alternativa\AppData\Roaming\TheHunterSettings_steam_live.cfg
2016-12-10 17:05 - 2018-03-25 21:14 - 000007597 _____ () C:\Users\Alternativa\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
2004-11-18 23:25 - 2004-11-18 23:25 - 000684032 _____ (Electronic Arts Inc.) C:\Users\Alternativa\AppData\Local\Temp\AutoRun.exe
2018-01-20 16:45 - 2004-11-14 17:08 - 000929792 _____ (Electronic Arts Inc.) C:\Users\Alternativa\AppData\Local\Temp\AutoRunGUI.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-20 12:45

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (OS) (Fixed) (Total:300 GB) (Free:38.18 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:373.54 GB) (Free:91.31 GB) NTFS
\\?\Volume{1d57df01-969c-11e4-810e-806e6f6e6963}\ (System) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

Available physical RAM: 2809.62 MB
Total physical RAM: 6029.48 MB
Percentage of memory in use: 53%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 74963475)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=100 MB) - (Type=27)
Partition 3: (Not Active) - (Size=300 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=373.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Alternativa\Desktop" je 97161 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACMON
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk
C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Alternativa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GTProtector.asi.upk
C:\Users\Alternativa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GTProtector.asi.upk [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Alternativa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GTProtector.dll.upk
C:\Users\Alternativa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GTProtector.dll.upk [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Alternativa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^reload.vbs
C:\Users\Alternativa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\reload.vbs [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.rar
(14.46 KiB) Downloaded 57 times

Rudy
Site Admin
Posts: 118268
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Problem with the RPCRT4.dll library

#3 Post by Rudy »

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

il.mateji
Visitor
Posts: 50
Joined: 03 Sep 2017 12:30
Location: Č.Budějovice-ČR

Re: Problem with the RPCRT4.dll library

#4 Post by il.mateji »

I ran a scan, and it amused me just as much as it frightened me. :boxed:
dllkit-28.3.2018.jpg (104.02 KiB) Viewed 2402 times
But the repair will probably have to wait; it wants me to pay a few hundred, so after payday.

Rudy
Site Admin
Posts: 118268
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Problem with the RPCRT4.dll library

#5 Post by Rudy »

The system can also be cleaned for free. I thought you were after a repair of that library. If you want to clean the PC, run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Then we will finish the cleanup manually using FRST.

il.mateji
Visitor
Posts: 50
Joined: 03 Sep 2017 12:30
Location: Č.Budějovice-ČR

Re: Problem with the RPCRT4.dll library

#6 Post by il.mateji »

I do need to repair the library, but it seems that either I did not understand how to use the program (I ran it and followed the wizard to the scan, and for the repair it already wanted payment), or the program offers that repair (only) after payment, together with cleaning those roughly 37 thousand files.

I am attaching the log from adw

# AdwCleaner 7.0.8.0 - Logfile created on Wed Mar 28 17:26:50 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Program Files (x86)\DllKitPRO
Deleted: C:\Users\Alternativa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dll Kit Pro


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\DllKitPRO
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DllKit Pro 2018


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1462 B] - [2017/9/3 14:54:51]
C:/AdwCleaner/AdwCleaner[C1].txt - [1368 B] - [2017/9/19 8:23:48]
C:/AdwCleaner/AdwCleaner[C2].txt - [1706 B] - [2018/3/26 21:16:56]
C:/AdwCleaner/AdwCleaner[S0].txt - [1257 B] - [2017/9/3 14:52:51]
C:/AdwCleaner/AdwCleaner[S1].txt - [1324 B] - [2017/9/3 14:54:21]
C:/AdwCleaner/AdwCleaner[S2].txt - [1196 B] - [2017/9/19 8:23:16]
C:/AdwCleaner/AdwCleaner[S3].txt - [1287 B] - [2017/9/23 9:57:57]
C:/AdwCleaner/AdwCleaner[S4].txt - [1354 B] - [2017/10/1 0:14:18]
C:/AdwCleaner/AdwCleaner[S5].txt - [1421 B] - [2017/11/24 21:11:12]
C:/AdwCleaner/AdwCleaner[S6].txt - [1533 B] - [2018/3/26 21:15:46]
C:/AdwCleaner/AdwCleaner[S7].txt - [1896 B] - [2018/3/28 17:25:58]


########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt ##########

Rudy
Site Admin
Posts: 118268
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Problem with the RPCRT4.dll library

#7 Post by Rudy »

Now post a new FRST log.

il.mateji
Visitor
Posts: 50
Joined: 03 Sep 2017 12:30
Location: Č.Budějovice-ČR

Re: Problem with the RPCRT4.dll library

#8 Post by il.mateji »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Alternativa (administrator) on PC-PC (28-03-2018 22:06:33)
Running from C:\Users\Alternativa\Desktop\viry.cz
Loaded Profiles: Alternativa (Available Profiles: PC & Alternativa)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2015-01-14] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ShadowPlay] => "C:\windows\system32\rundll32.exe" C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [ASUS TP Center (x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe [235488 2012-07-14] (AsusTek)
HKLM\...\Run: [ASUS Quick Gesture (x86)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [17376 2012-07-14] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ASUS Quick Gesture (x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [19424 2012-07-14] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2319536 2011-10-19] (ASUS)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-07] (Intel Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2014-10-08] (Power Software Ltd)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-02-23] (ASUSTek Computer Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-720473701-4286339666-290851041-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3198752 2018-03-27] (Valve Corporation)
HKU\S-1-5-21-720473701-4286339666-290851041-1002\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-05-20] (NVIDIA Corporation)
AppInit_DLLs: ,C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [177952 2016-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155768 2016-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: ,C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [155768 2016-05-20] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{1C2FA7DC-D0A1-419A-89B8-A04D279CF579}: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{580F81EA-D1D4-42B1-A5E4-DB4FB76F1B37}: [DhcpNameServer] 10.255.255.10 10.255.255.20

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-720473701-4286339666-290851041-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-720473701-4286339666-290851041-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
SearchScopes: HKU\S-1-5-21-720473701-4286339666-290851041-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: ASUS Browser Extension x64 -> {78234974-0C4B-4111-BDEB-D9A104418772} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll [2012-07-14] (ASUSTeK Computer Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-18] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: ASUS Browser Extension x86 -> {78234974-0C4B-4111-BDEB-D9A104418771} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll [2012-07-14] (ASUSTeK Computer Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-18] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)

FireFox:
========
FF DefaultProfile: l0i5civt.default-1452523124673-1515193756700
FF ProfilePath: C:\Users\Alternativa\AppData\Roaming\Mozilla\Firefox\Profiles\l0i5civt.default-1452523124673-1515193756700 [2018-03-28]
FF Extension: (TLS 1.3 gradual roll-out) - C:\Users\Alternativa\AppData\Roaming\Mozilla\Firefox\Profiles\l0i5civt.default-1452523124673-1515193756700\features\{a49d678c-d9e0-4e0b-b409-4d58b897d48b}\tls13-rollout-bug1442042@mozilla.org.xpi [2018-03-28] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016-03-02] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF HKU\S-1-5-21-720473701-4286339666-290851041-1002\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll [2018-03-13] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_113.dll [2018-03-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-13] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)

Chrome:
=======
CHR HKU\S-1-5-21-720473701-4286339666-290851041-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S3 EasyAntiCheat; C:\windows\SysWOW64\EasyAntiCheat.exe [409128 2017-03-01] (EasyAntiCheat Ltd)
S3 GSService; C:\windows\SysWOW64\GSService.exe [444640 2014-07-28] ()
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-02-19] (Hi-Rez Studios) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-05-10] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-05-11] (Intel Corporation)
S3 mracsvc; C:\windows\System32\mracsvc.exe [8010968 2018-01-18] (LLC Mail.Ru)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [521064 2018-01-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [521064 2018-01-10] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
S3 NvStreamNetworkSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" [X]
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-01-31] (ASUSTek Computer Inc.)
U5 AppMgmt; C:\windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 AsusVBus; C:\windows\System32\DRIVERS\AsusVBus.sys [35968 2012-07-14] (Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\windows\System32\DRIVERS\AsusVTouch.sys [19104 2012-07-14] (ASUS)
R3 ATP; C:\windows\System32\DRIVERS\AsusTP.sys [49824 2012-07-14] (ASUS Corporation)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 mracdrv; C:\windows\System32\drivers\mracdrv.sys [7238880 2018-01-18] (LLC Mail.Ru)
R2 NisDrv; C:\windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [32104 2018-01-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\System32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\windows\System32\DRIVERS\nvvhci.sys [59752 2018-01-10] (NVIDIA Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-28 18:09 - 2018-03-28 18:44 - 000000000 ____D C:\Users\Alternativa\AppData\Local\{003ACA6A-C058-424D-B955-A82DE5375C64}
2018-03-28 16:50 - 2018-03-28 16:50 - 000245821 _____ C:\Users\Alternativa\Documents\DAP_2017.XLSX
2018-03-28 15:08 - 2018-03-28 22:06 - 000000000 ____D C:\Users\Alternativa\Desktop\viry.cz
2018-03-28 14:14 - 2018-03-28 22:06 - 000000000 ____D C:\FRST
2018-03-26 11:47 - 2018-03-26 12:15 - 000000451 _____ C:\Users\Alternativa\Desktop\bardon-chyby.txt
2018-03-22 13:44 - 2018-03-22 13:44 - 000000000 ____D C:\Users\Alternativa\AppData\Roaming\The Creative Assembly
2018-03-22 12:43 - 2018-03-22 12:43 - 000000000 ____D C:\ProgramData\Wargaming.net
2018-03-17 14:10 - 2018-03-17 14:10 - 000478078 _____ C:\Users\Alternativa\Documents\RD_Ilcik_dispozice.pdf
2018-03-13 18:36 - 2018-03-13 18:36 - 000004534 _____ C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-03-08 11:24 - 2018-03-08 11:24 - 000003814 _____ C:\windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:24 - 2018-03-08 11:24 - 000003798 _____ C:\windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:23 - 2018-03-08 11:23 - 000004146 _____ C:\windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:22 - 2018-03-08 11:22 - 000003738 _____ C:\windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:22 - 2018-03-08 11:22 - 000003738 _____ C:\windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:22 - 2018-03-08 11:22 - 000003730 _____ C:\windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:22 - 2018-03-08 11:22 - 000003554 _____ C:\windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:22 - 2018-03-08 11:22 - 000003494 _____ C:\windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:22 - 2018-01-10 16:05 - 000059752 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvhci.sys
2018-03-08 11:22 - 2018-01-10 11:41 - 000001951 _____ C:\windows\NvTelemetryContainerRecovery.bat
2018-03-08 11:22 - 2017-12-15 04:03 - 000059240 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2018-03-08 11:22 - 2017-12-13 21:25 - 000001951 _____ C:\windows\NvContainerRecovery.bat
2018-03-06 22:30 - 2018-03-06 22:30 - 000000000 ____D C:\Users\Alternativa\ansel
2018-03-05 21:18 - 2018-03-07 23:51 - 000000000 ____D C:\ProgramData\ASUS
2018-03-05 21:18 - 2018-03-05 21:18 - 000000000 ____D C:\Users\Alternativa\Documents\ASUS

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-28 22:05 - 2016-11-16 17:16 - 000000000 ____D C:\Users\Alternativa\AppData\LocalLow\Mozilla
2018-03-28 20:00 - 2016-10-07 18:12 - 000000000 ____D C:\Program Files (x86)\Steam
2018-03-28 19:36 - 2009-07-14 06:45 - 000018512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-28 19:36 - 2009-07-14 06:45 - 000018512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-28 19:29 - 2015-06-27 14:31 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-28 19:29 - 2009-07-14 04:34 - 000000545 _____ C:\windows\win.ini
2018-03-28 19:28 - 2016-10-07 21:31 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-03-28 19:28 - 2015-03-06 22:28 - 000000380 _____ C:\Users\Alternativa\AppData\Roaming\sp_data.sys
2018-03-28 19:28 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-03-28 19:26 - 2017-09-03 16:50 - 000000000 ____D C:\AdwCleaner
2018-03-28 14:56 - 2017-10-13 20:05 - 000000000 ____D C:\Users\Alternativa\AppData\Local\CrashDumps
2018-03-28 09:51 - 2011-02-19 07:36 - 000668792 _____ C:\windows\system32\perfh005.dat
2018-03-28 09:51 - 2011-02-19 07:36 - 000141420 _____ C:\windows\system32\perfc005.dat
2018-03-28 09:51 - 2009-07-14 07:13 - 001583226 _____ C:\windows\system32\PerfStringBackup.INI
2018-03-28 09:51 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf
2018-03-26 23:18 - 2016-11-16 16:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-03-26 23:18 - 2015-01-14 15:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-25 22:01 - 2015-06-06 19:38 - 000000000 ____D C:\Users\Alternativa\AppData\Local\NVIDIA
2018-03-25 21:59 - 2015-03-06 22:28 - 000000000 ____D C:\Users\Alternativa
2018-03-25 21:14 - 2016-12-10 17:05 - 000007597 _____ C:\Users\Alternativa\AppData\Local\resmon.resmoncfg
2018-03-25 20:58 - 2016-05-28 12:02 - 000000000 ____D C:\windows\SysWOW64\NV
2018-03-25 20:58 - 2016-05-28 12:02 - 000000000 ____D C:\windows\system32\NV
2018-03-25 20:58 - 2015-01-07 20:57 - 000000000 ___HD C:\windows\system32\WLANProfiles
2018-03-25 20:58 - 2015-01-07 13:02 - 000000000 ____D C:\Users\PC
2018-03-25 20:57 - 2015-06-06 19:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-03-25 20:57 - 2015-01-07 21:01 - 000000000 ____D C:\ProgramData\P4G
2018-03-25 20:57 - 2015-01-07 20:49 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-03-25 20:57 - 2015-01-07 20:49 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-03-25 20:57 - 2009-07-14 05:20 - 000000000 ____D C:\windows\Help
2018-03-25 20:57 - 2009-07-14 05:20 - 000000000 ____D C:\windows\AppCompat
2018-03-25 20:55 - 2009-07-14 05:20 - 000000000 ____D C:\windows\registration
2018-03-25 20:53 - 2015-01-07 20:49 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-03-23 12:32 - 2016-11-19 19:08 - 000000000 ____D C:\Users\Alternativa\Documents\Elder Scrolls Online
2018-03-23 10:58 - 2016-03-02 16:50 - 000000000 ____D C:\Users\Alternativa\Documents\Moje naskenované obrázky
2018-03-22 13:44 - 2017-08-01 20:48 - 000000000 ____D C:\Users\Alternativa\AppData\Roaming\EasyAntiCheat
2018-03-22 12:46 - 2015-06-06 19:21 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-03-22 12:45 - 2015-11-16 18:20 - 000000000 ____D C:\Games
2018-03-21 12:05 - 2017-12-09 23:19 - 000044984 _____ C:\Users\Alternativa\Desktop\epd.xlsx
2018-03-20 16:12 - 2016-11-26 12:22 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Mozilla
2018-03-19 17:40 - 2015-01-07 13:02 - 000000380 _____ C:\Users\PC\AppData\Roaming\sp_data.sys
2018-03-16 15:29 - 2009-07-14 05:20 - 000000000 ____D C:\windows\system32\NDF
2018-03-15 22:20 - 2016-04-12 22:55 - 000000000 ____D C:\Users\Alternativa\Desktop\Favi
2018-03-13 19:28 - 2015-03-07 11:34 - 000004087 _____ C:\Users\Alternativa\Desktop\citaty.txt
2018-03-13 18:36 - 2013-02-23 09:37 - 000804352 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-03-13 18:36 - 2013-02-23 09:37 - 000144896 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-13 18:36 - 2013-02-23 09:37 - 000004312 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-03-13 18:36 - 2013-02-23 09:37 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-03-13 18:36 - 2013-02-23 09:37 - 000000000 ____D C:\windows\system32\Macromed
2018-03-10 06:30 - 2015-06-11 10:00 - 000000000 ____D C:\Users\PC\AppData\Local\NVIDIA Corporation
2018-03-08 19:22 - 2013-02-23 09:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2018-03-08 19:22 - 2013-02-23 09:45 - 000000000 ____D C:\Program Files (x86)\ASUS
2018-03-08 18:16 - 2015-01-07 21:01 - 000002075 _____ C:\windows\system32\ServiceFilter.ini
2018-03-08 00:04 - 2015-01-14 18:13 - 000000000 ____D C:\Program Files\Elantech
2018-03-08 00:02 - 2016-11-19 18:30 - 000000000 ____D C:\windows\jre
2018-03-08 00:01 - 2016-11-19 18:30 - 000000000 ____D C:\Users\Alternativa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls Online
2018-03-08 00:01 - 2015-05-09 22:28 - 000000000 ____D C:\Users\Alternativa\AppData\Local\Activision
2018-03-08 00:00 - 2015-01-07 20:45 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-03-08 00:00 - 2015-01-07 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2018-03-08 00:00 - 2015-01-07 12:15 - 000000000 ____D C:\Program Files (x86)\CyberLink
2018-03-08 00:00 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-03-07 23:51 - 2015-03-06 22:28 - 000000000 ____D C:\Users\Alternativa\AppData\Local\ASUS
2018-03-07 23:50 - 2016-05-28 12:02 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-03-07 23:19 - 2015-01-07 12:15 - 000000000 ____D C:\ProgramData\Temp
2018-03-07 22:17 - 2015-06-06 19:38 - 000000000 ____D C:\Users\Alternativa\AppData\Local\NVIDIA Corporation
2018-03-07 11:30 - 2017-09-20 21:07 - 000000000 ____D C:\Users\Alternativa\AppData\Roaming\MPC-HC
2018-03-06 22:47 - 2017-09-03 12:14 - 000000000 ____D C:\Users\Alternativa\AppData\Local\Google
2018-03-06 22:45 - 2017-09-03 12:14 - 000000000 ____D C:\Program Files (x86)\Google
2018-03-06 18:51 - 2015-12-20 19:01 - 000000000 ____D C:\Users\Alternativa\AppData\Roaming\NVIDIA
2018-02-27 09:43 - 2015-06-23 09:43 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task

==================== Files in the root of some directories =======

2009-07-29 07:21 - 2009-07-28 20:31 - 000000223 _____ () C:\ProgramData\setwallpaper.cmd
2017-03-19 02:28 - 2017-09-03 08:50 - 000000097 _____ () C:\Users\Alternativa\AppData\Roaming\LauncherSettings_live.cfg
2015-03-06 22:28 - 2018-03-28 19:28 - 000000380 _____ () C:\Users\Alternativa\AppData\Roaming\sp_data.sys
2017-03-19 02:43 - 2017-08-06 08:35 - 000000042 _____ () C:\Users\Alternativa\AppData\Roaming\TheHunterSettings_steam_live.cfg
2016-12-10 17:05 - 2018-03-25 21:14 - 000007597 _____ () C:\Users\Alternativa\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
2004-11-18 23:25 - 2004-11-18 23:25 - 000684032 _____ (Electronic Arts Inc.) C:\Users\Alternativa\AppData\Local\Temp\AutoRun.exe
2018-01-20 16:45 - 2004-11-14 17:08 - 000929792 _____ (Electronic Arts Inc.) C:\Users\Alternativa\AppData\Local\Temp\AutoRunGUI.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-20 12:45

==================== End of FRST.txt ============================
Attachments
Addition.rar
(14.37 KiB) Downloaded 81 times

Rudy
Site Admin
Posts: 118268
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Problem with the RPCRT4.dll library

#9 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
U5 AppMgmt; C:\windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
C:\Users\Alternativa\AppData\Local\Temp
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File

EmptyTemp:
End
Save it to C:\Users\Alternativa\Desktop\viry.cz as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

Re: Problem with the RPCRT4.dll library

#10 Post by il.mateji »

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Alternativa (29-03-2018 14:56:20) Run:2
Running from C:\Users\Alternativa\Desktop\viry.cz
Loaded Profiles: Alternativa (Available Profiles: PC & Alternativa)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
U5 AppMgmt; C:\windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
C:\Users\Alternativa\AppData\Local\Temp
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => not found
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com" => not found
AppMgmt => service not found.

"C:\Users\Alternativa\AppData\Local\Temp" folder move:

Could not move "C:\Users\Alternativa\AppData\Local\Temp" => Scheduled to move on reboot.

"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25138155 B
Java, Flash, Steam htmlcache => 700071471 B
Windows/system/drivers => 6892862 B
Edge => 0 B
Chrome => 0 B
Firefox => 386485736 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83565 B
systemprofile32 => 66228 B
LocalService => 0 B
NetworkService => 3727552 B
UpdatusUser => 0 B
PC => 6855052 B
Alternativa => 711691402 B

RecycleBin => 0 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 29-03-2018 15:01:36)

C:\Users\Alternativa\AppData\Local\Temp => moved successfully

==== End of Fixlog 15:01:37 ====

Re: Problem with the RPCRT4.dll library

#11 Post by Rudy »

Deleted, the log is now OK. Download the RPCRT4.dll library from here: http://www.dlldownloader.com/rpcrt4-dll/ , save it and copy it into windows\system32.

Re: Problem with the RPCRT4.dll library

#12 Post by il.mateji »

I did download it, but after an hour of fighting with the administrator permission prompt (I am using an administrator account) it would not let me copy (replace) rpcrt4.dll in the windows/system32 folder. I can click "Retry" ("Opakovat") as many times as I like, without success.
Any idea where the catch might be?

Edit: (the steps I took are in the screenshot in the attachment)
Attachments
bez_povoleni.jpg (214.76 KiB) Viewed 2362 times

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Problem with the RPCRT4.dll library

#13 Post by Conder »

Sorry for jumping in :)

Try running a system file integrity check:
  • Open Start, type "cmd" (without the quotes), right-click the "cmd" result and click Run as administrator
  • After it finishes, copy and run the second command:

    sfc /scannow
  • After both commands have finished, copy and run this command:

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"
  • A file named sfcdetails.txt will be created on the desktop; send it as an attachment to your next post
  • Restart the PC
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping your important data (documents, photos and so on) backed up.

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!
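
The sfcdetails.txt produced by the findstr command in the post above can be summarised with a short parser. This is an added example, not part of the original thread: the sample lines are constructed, and the message prefixes ("Verifying", "Cannot repair member file", "Repairing corrupted file") are assumed to follow the usual [SR] layout of CBS.log.

```python
import re

# Constructed sample of sfcdetails.txt ([SR] lines copied out of CBS.log by findstr).
# Timestamps, sequence numbers, file and component names are placeholders.
SAMPLE = r'''
2018-03-29 16:02:11, Info                  CSI    00000009 [SR] Verifying 100 (0x0000000000000064) components
2018-03-29 16:02:11, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2018-03-29 16:02:14, Info                  CSI    0000000c [SR] Cannot repair member file [l:22{11}]"example.dll" of Example-Component, Version = 6.1.7601.0, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral in the store, hash mismatch
2018-03-29 16:02:14, Info                  CSI    0000000d [SR] Cannot repair member file [l:22{11}]"example.dll" of Example-Component, Version = 6.1.7601.0, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral in the store, hash mismatch
2018-03-29 16:02:15, Info                  CSI    0000000e [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"sample.dll" from store
2018-03-29 16:02:16, Info                  CSI    00000010 [SR] Verify complete
'''

# timestamp, level, "CSI", sequence number, "[SR]", message
SR_LINE = re.compile(
    r'^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}),\s+\w+\s+CSI\s+\S+\s+\[SR\]\s+(.*)$')
QUOTED = re.compile(r'"([^"]*)"')


def _add_unique(seq, item):
    # SFC usually logs each finding more than once, and ">>" appends on re-runs.
    if item not in seq:
        seq.append(item)


def parse_sfc_details(text):
    """Return counts and file names from the [SR] lines of a CBS.log extract."""
    report = {"components_verified": 0, "unrepaired": [], "repaired": []}
    for raw in text.splitlines():
        match = SR_LINE.match(raw.strip())
        if not match:
            continue  # not an [SR] record (blank line, wrapped text, other noise)
        msg = match.group(2)
        names = QUOTED.findall(msg)
        if msg.startswith("Verifying "):
            report["components_verified"] += int(msg.split()[1])
        elif msg.startswith("Cannot repair member file") and names:
            _add_unique(report["unrepaired"], names[0])
        elif msg.startswith("Repairing corrupted file") and names:
            path = "\\".join(names)          # directory + file name
            if path.startswith("\\??\\"):    # drop the NT object-path prefix
                path = path[4:]
            _add_unique(report["repaired"], path)
    return report


def mentions(report, filename):
    """True if SFC reported the given file as repaired or unrepairable."""
    wanted = filename.lower()
    paths = report["unrepaired"] + report["repaired"]
    return any(p.lower().rsplit("\\", 1)[-1] == wanted for p in paths)


if __name__ == "__main__":
    import sys
    text = open(sys.argv[1], errors="replace").read() if len(sys.argv) > 1 else SAMPLE
    rep = parse_sfc_details(text)
    print(rep)
    print("rpcrt4.dll flagged:", mentions(rep, "rpcrt4.dll"))
```

An extract with only "Verifying" and "Verify complete" records yields empty `unrepaired` and `repaired` lists, which corresponds to SFC finding no integrity violations.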

Re: Problem with the RPCRT4.dll library

#14 Post by il.mateji »

Done, it will be in the log, but reportedly it found no integrity violations.
Attachments
sfcdetails.rar
(3.38 KiB) Downloaded 57 times

Re: Problem with the RPCRT4.dll library

#15 Post by Conder »

Run the command prompt as administrator, then copy and run this command:

    C:\Windows\System32\regsvr32.exe C:\Windows\System32\rpcrt4.dll
Has anything changed?

Locked