Eset - hlášení viru, nedaří se odstranit

[Márty84]

Vypnete antivir, at nebrani programu v praci.
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844084910-3084760495-1923889478-1002Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844084910-3084760495-1923889478-1002UA1cf4e89402a9648.job

:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{5E10AFC8-B401-4F5E-8B8E-9571A3AD4451}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{5E10AFC8-B401-4F5E-8B8E-9571A3AD4451}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
IE - HKU\S-1-5-21-1844084910-3084760495-1923889478-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[4 C:\WINDOWS\Inf\Intel Storage Counters\*.tmp files -> C:\WINDOWS\Inf\Intel Storage Counters\*.tmp -> ]
[2 C:\WINDOWS\Inf\Intel Storage Counters\0000\*.tmp files -> C:\WINDOWS\Inf\Intel Storage Counters\0000\*.tmp -> ]
[2 C:\WINDOWS\Inf\Intel Storage Counters\0005\*.tmp files -> C:\WINDOWS\Inf\Intel Storage Counters\0005\*.tmp -> ]
[2 C:\WINDOWS\Inf\Intel Storage Counters\0009\*.tmp files -> C:\WINDOWS\Inf\Intel Storage Counters\0009\*.tmp -> ]
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
@Alternate Data Stream - 199 bytes -> C:\Users\Standard\SkyDrive.old:ms-properties
@Alternate Data Stream - 183 bytes -> C:\Users\Standard\SkyDrive:ms-properties

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sony PC Companion"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=-
"SunJavaUpdateSched"=-

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[p858]

Dle instrukcí, vše ok.


All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57472 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default.migrated

User: Public

User: Standard
->Temp folder emptied: 25313050 bytes
->Temporary Internet Files folder emptied: 5374993 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 43436314 bytes
->Flash cache emptied: 58067 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1216 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 71,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Default.migrated

User: Public

User: Standard
->Flash cache emptied: 0 bytes

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844084910-3084760495-1923889478-1002Core.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844084910-3084760495-1923889478-1002UA1cf4e89402a9648.job moved successfully.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5E10AFC8-B401-4F5E-8B8E-9571A3AD4451}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5E10AFC8-B401-4F5E-8B8E-9571A3AD4451}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5E10AFC8-B401-4F5E-8B8E-9571A3AD4451}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5E10AFC8-B401-4F5E-8B8E-9571A3AD4451}\ not found.
Registry key HKEY_USERS\S-1-5-21-1844084910-3084760495-1923889478-1002\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3D8E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP706B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8C68.tmp folder deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\tmp153E.tmp deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\tmp153F.tmp deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\tmp39EE.tmp deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\tmp39FF.tmp deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\0000\tmp153E.tmp deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\0000\tmp39EE.tmp deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\0005\tmp153E.tmp deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\0005\tmp39EE.tmp deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\0009\tmp153E.tmp deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\0009\tmp39EE.tmp deleted successfully.
C:\WINDOWS\Installer\MSI4B7A.tmp deleted successfully.
Unable to delete ADS C:\Users\Standard\SkyDrive.old:ms-properties .
Unable to delete ADS C:\Users\Standard\SkyDrive:ms-properties .
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Sony PC Companion deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 04092014_105850

Files\Folders moved on Reboot...
C:\Users\Standard\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Márty84]

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.piriform.com/ccleaner/download/slim a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.

[p858]

T-Cleaner - OK
OTC - OK
TFC - OK
Ccleaner - OK
Defregmentace - běží

super, chtěl bych poděkovat.. skvělá práce, jinak notebook zdá se být OK

myslím, že můžeme

Fajn den a díky..

[Márty84]

Nemate zac!

Mejte se a treba zase nekdy