
Requesting a preventive check, thank you.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a preventive check, thank you.

#16 Post by Márty84 »

OTM didn't delete anything, so try it once more, but this time in safe mode and with this modified script.


:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]

:services
AdobeARMservice
ijbsgx
kebzlm

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1470183385-1983330260-59864334-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1470183385-1983330260-59864334-1000UA.job

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] /64

If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

Davidov
Visitor
Posts: 343
Registered: 12 Mar 2011 11:21
Location: Jirkov

Re: Requesting a preventive check, thank you.

#17 Post by Davidov »

Log from OTM + log from RSIT


All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Davidov
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 35045 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 51509176 bytes
->Flash cache emptied: 379 bytes

User: Default
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
Session Manager Temp folder emptied: 49632 bytes
Session Manager Tmp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 49,00 mb


[EMPTYFLASH]

User: All Users

User: Davidov
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0,00 mb

========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service ijbsgx stopped successfully!
Service ijbsgx deleted successfully!
Service kebzlm stopped successfully!
Service kebzlm deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1470183385-1983330260-59864334-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1470183385-1983330260-59864334-1000UA.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 07012012_130128

Files moved on Reboot...

Registry entries deleted on Reboot...





Logfile of random's system information tool 1.09 (written by random/random)
Run by Davidov at 2012-07-01 13:04:36
Microsoft Windows 7 Home Basic Service Pack 1
System drive C: has 9 GB (28%) free of 31 GB
Total RAM: 8189 MB (86% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:04:47, on 1.7.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files\trend micro\Davidov.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.seznam.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Přidat do Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
O9 - Extra button: &Virtuální klávesnice - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O9 - Extra button: K&ontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2012\DfsdkS64.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PhenomMsrTweaker service (PhenomMsrTweaker) - Unknown owner - C:\Program Files\PhenomMsrTweaker\PhenomMsrTweakerService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 5990 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" -r
"C:\Program Files\PhenomMsrTweaker\PhenomMsrTweakerService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\userinit.exe
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
KHALMNPR.EXE /API
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Users\Davidov\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll [2011-04-24 91536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll [2011-04-24 292752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll [2011-04-24 86416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-06-14 453104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-06-14 157680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll [2011-04-24 229776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-10-29 1680976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GAINWARD]
c:\program files (x86)\expertool\tbpanel.exe [2011-08-02 2273608]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2011-04-24 202296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\System32\klogon.dll [2011-04-24 234896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28 66640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"DisableStartupSound"=1
"DisableStatusMessages"=1
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoThumbnailCache"=1
"DisableThumbnailsOnNetworkFolders"=1
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoResolveTrack"=0
"NoViewContextMenu"=0
"NoFileAssociate"=0
"NoRun"=0
"NoClose"=0
"StartMenuLogoff"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-07-01 13:00:59 ----A---- C:\Windows\ntbtlog.txt
2012-07-01 12:46:39 ----D---- C:\rsit
2012-07-01 12:27:47 ----D---- C:\_OTM
2012-07-01 10:30:59 ----D---- C:\Program Files\trend micro
2012-07-01 10:10:39 ----A---- C:\Windows\system32\FNTCACHE.DAT
2012-06-30 20:07:20 ----A---- C:\Windows\system32\drivers\revoflt.sys
2012-06-30 20:07:19 ----D---- C:\Program Files\VS Revo Group
2012-06-30 19:58:06 ----A---- C:\Windows\system32\DfSdkBt.exe
2012-06-30 19:58:02 ----D---- C:\Program Files (x86)\Ashampoo
2012-06-24 15:03:54 ----D---- C:\Program Files (x86)\MSECACHE
2012-06-21 11:58:13 ----A---- C:\Windows\system32\wups2.dll
2012-06-21 11:58:13 ----A---- C:\Windows\system32\wucltux.dll
2012-06-21 11:58:13 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-21 11:58:12 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-21 11:58:10 ----A---- C:\Windows\system32\wups.dll
2012-06-21 11:58:10 ----A---- C:\Windows\system32\wudriver.dll
2012-06-21 11:58:10 ----A---- C:\Windows\system32\wuapi.dll
2012-06-21 11:58:04 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-21 11:58:04 ----A---- C:\Windows\system32\wuapp.exe
2012-06-20 14:54:03 ----D---- C:\Users\Davidov\AppData\Roaming\Wise Disk Cleaner
2012-06-19 19:41:46 ----D---- C:\Program Files (x86)\GamePark
2012-06-15 20:38:35 ----D---- C:\Users\Davidov\AppData\Roaming\Mozilla
2012-06-15 18:59:00 ----D---- C:\Program Files (x86)\Adobe
2012-06-15 18:58:51 ----D---- C:\ProgramData\Adobe
2012-06-15 18:53:09 ----D---- C:\Users\Davidov\AppData\Roaming\WinRAR
2012-06-15 18:06:38 ----D---- C:\Users\Davidov\AppData\Roaming\Macromedia
2012-06-15 18:06:38 ----D---- C:\Users\Davidov\AppData\Roaming\Adobe
2012-06-15 15:43:43 ----D---- C:\Users\Davidov\AppData\Roaming\Malwarebytes
2012-06-15 15:43:38 ----D---- C:\ProgramData\Malwarebytes
2012-06-15 15:43:36 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-15 15:43:36 ----A---- C:\Windows\system32\drivers\mbam.sys
2012-06-15 15:28:20 ----A---- C:\Windows\system32\drivers\SIVX64.sys
2012-06-14 15:56:20 ----D---- C:\ProgramData\Sun
2012-06-14 15:55:43 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-06-14 15:55:36 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-06-14 15:55:36 ----A---- C:\Windows\SYSWOW64\java.exe
2012-06-14 15:55:23 ----D---- C:\Program Files (x86)\Java
2012-06-14 15:51:21 ----D---- C:\Users\Davidov\AppData\Roaming\vlc
2012-06-12 19:42:20 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-06-12 19:42:20 ----A---- C:\Windows\system32\rdpwsx.dll
2012-06-12 19:42:20 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-06-12 19:41:51 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-06-12 19:41:51 ----A---- C:\Windows\system32\qdvd.dll
2012-06-12 19:41:29 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-06-12 19:41:02 ----A---- C:\Windows\system32\win32k.sys
2012-06-12 19:37:08 ----A---- C:\Windows\system32\profsvc.dll
2012-06-12 19:36:50 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-06-12 19:36:50 ----A---- C:\Windows\system32\msi.dll
2012-06-12 19:36:21 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-06-12 19:36:21 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-06-12 19:36:21 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-06-12 19:35:38 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-06-12 19:35:38 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-06-12 19:35:38 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-06-12 19:35:38 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-06-12 19:35:38 ----A---- C:\Windows\system32\mshtmled.dll
2012-06-12 19:35:38 ----A---- C:\Windows\system32\mshtml.dll
2012-06-12 19:35:38 ----A---- C:\Windows\system32\ieui.dll
2012-06-12 19:35:38 ----A---- C:\Windows\system32\ieframe.dll
2012-06-12 19:35:37 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-06-12 19:35:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-06-12 19:35:37 ----A---- C:\Windows\SYSWOW64\url.dll
2012-06-12 19:35:37 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-06-12 19:35:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-06-12 19:35:37 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-06-12 19:35:37 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-06-12 19:35:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-06-12 19:35:37 ----A---- C:\Windows\system32\wininet.dll
2012-06-12 19:35:37 ----A---- C:\Windows\system32\urlmon.dll
2012-06-12 19:35:37 ----A---- C:\Windows\system32\url.dll
2012-06-12 19:35:37 ----A---- C:\Windows\system32\jsproxy.dll
2012-06-12 19:35:37 ----A---- C:\Windows\system32\jscript9.dll
2012-06-12 19:35:37 ----A---- C:\Windows\system32\jscript.dll
2012-06-12 19:35:37 ----A---- C:\Windows\system32\ieUnatt.exe
2012-06-12 19:35:37 ----A---- C:\Windows\system32\iertutil.dll
2012-06-12 19:34:40 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-06-12 19:34:40 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-06-12 19:34:40 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-06-12 19:34:40 ----A---- C:\Windows\system32\cryptsvc.dll
2012-06-12 19:34:40 ----A---- C:\Windows\system32\cryptnet.dll
2012-06-12 19:34:40 ----A---- C:\Windows\system32\crypt32.dll
2012-06-10 17:17:18 ----ASH---- C:\pagefile.sys
2012-06-06 19:38:57 ----A---- C:\Windows\gdrv.sys
2012-06-02 18:41:21 ----D---- C:\Users\Davidov\AppData\Roaming\NVIDIA
2012-06-02 14:42:51 ----D---- C:\ProgramData\Activision

======List of files/folders modified in the last 1 month======

2012-07-01 13:04:43 ----D---- C:\temp
2012-07-01 13:04:32 ----D---- C:\ProgramData\Kaspersky Lab
2012-07-01 13:01:35 ----D---- C:\Windows\Tasks
2012-07-01 13:00:59 ----D---- C:\Windows
2012-07-01 12:49:58 ----D---- C:\Users\Davidov\AppData\Roaming\HLSW
2012-07-01 12:46:42 ----D---- C:\Windows\system32\config
2012-07-01 12:39:42 ----D---- C:\Windows\System32
2012-07-01 12:39:42 ----D---- C:\Windows\inf
2012-07-01 12:39:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-07-01 12:10:56 ----D---- C:\Windows\SysWOW64
2012-07-01 12:10:52 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-07-01 11:16:29 ----D---- C:\Users\Davidov\AppData\Roaming\TS3Client
2012-07-01 10:30:59 ----RD---- C:\Program Files
2012-07-01 10:10:42 ----D---- C:\Windows\debug
2012-07-01 10:10:10 ----D---- C:\Windows\SoftwareDistribution
2012-07-01 10:09:48 ----D---- C:\Windows\system32\LogFiles
2012-07-01 10:09:25 ----D---- C:\Users\Davidov\AppData\Roaming\DAEMON Tools Lite
2012-07-01 10:09:18 ----D---- C:\Windows\system32\catroot2
2012-07-01 10:07:44 ----D---- C:\Windows\system32\drivers
2012-07-01 08:40:57 ----D---- C:\Windows\system32\Tasks
2012-06-30 20:56:21 ----SD---- C:\Users\Davidov\AppData\Roaming\Microsoft
2012-06-30 20:56:21 ----SD---- C:\ProgramData\Microsoft
2012-06-30 20:20:18 ----HD---- C:\ProgramData
2012-06-30 20:19:05 ----RD---- C:\Program Files (x86)
2012-06-24 15:08:46 ----SHD---- C:\Windows\Installer
2012-06-23 10:00:39 ----D---- C:\Program Files\TeamSpeak 3 Client
2012-06-23 09:18:58 ----D---- C:\Program Files\SUPERAntiSpyware
2012-06-22 21:09:41 ----D---- C:\Windows\rescache
2012-06-21 16:58:16 ----D---- C:\Windows\winsxs
2012-06-21 16:58:12 ----D---- C:\Windows\system32\cs-CZ
2012-06-21 11:58:15 ----D---- C:\Windows\system32\catroot
2012-06-20 14:55:39 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2012-06-20 14:42:04 ----D---- C:\Windows\SYSWOW64\Macromed
2012-06-20 14:41:34 ----D---- C:\Windows\Temp
2012-06-20 14:41:33 ----RSD---- C:\Windows\assembly
2012-06-15 20:16:53 ----D---- C:\Windows\Logs
2012-06-15 20:04:24 ----D---- C:\Windows\Panther
2012-06-15 18:59:00 ----D---- C:\Program Files (x86)\Common Files
2012-06-14 15:08:06 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-06-14 14:54:56 ----D---- C:\Windows\pss
2012-06-14 14:52:46 ----D---- C:\Windows\SYSWOW64\LogFiles
2012-06-14 14:15:35 ----D---- C:\Windows\Microsoft.NET
2012-06-14 09:47:22 ----D---- C:\Program Files (x86)\FreeTime
2012-06-14 09:26:30 ----A---- C:\Windows\system32\npdeployJava1.dll
2012-06-14 09:26:30 ----A---- C:\Windows\system32\deployJava1.dll
2012-06-14 09:09:59 ----A---- C:\Windows\system32\MRT.exe
2012-06-12 23:19:46 ----D---- C:\Windows\SYSWOW64\migration
2012-06-12 23:19:46 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-06-12 23:19:46 ----D---- C:\Windows\system32\migration
2012-06-12 23:19:46 ----D---- C:\Program Files\Internet Explorer
2012-06-12 23:19:46 ----D---- C:\Program Files (x86)\Internet Explorer
2012-06-11 14:04:28 ----D---- C:\Windows\SYSWOW64\config
2012-06-04 20:28:46 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2011-03-04 460888]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-27 283200]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2011-03-04 11864]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2012-04-03 615728]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2011-03-10 29488]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-11-02 22544]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2010-08-24 63568]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2010-08-24 57936]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2010-08-24 41040]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
R3 skfiltv;skfiltv; C:\Windows\system32\drivers\skfiltv.sys [2008-08-14 24064]
R3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files\PhenomMsrTweaker\WinRing0x64.sys [2010-06-03 14544]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2012-06-06 25640]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 TBPanel;TBPanel; C:\Windows\system32\drivers\TBPanel.sys []
S3 tizekdrv;tizekdrv; \??\C:\Users\Davidov\AppData\Roaming\TZAC\tizek64.sys [2012-04-03 241848]
S3 tizeqdrv;tizeqdrv; \??\C:\Users\Davidov\AppData\Roaming\TZAC2\tizeq64.sys [2012-05-20 153784]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Služba Kaspersky Anti-Virus; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2011-04-24 202296]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-05-15 889664]
R2 PhenomMsrTweaker;PhenomMsrTweaker service; C:\Program Files\PhenomMsrTweaker\PhenomMsrTweakerService.exe [2010-06-03 188416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-05-16 76888]
S3 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2012\DfsdkS64.exe [2009-08-24 544768]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-03 1255736]
S4 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-12 140672]
S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-04-03 79360]
S4 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-01-27 286720]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S4 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-10-28 357456]

-----------------EOF-----------------

Márty84

Re: Requesting a preventive check, thank you.

#18 Post by Márty84 »

Deleted, the log now looks clean.


:!: Run all of these programs, including their installers, as administrator (right-click them and choose Run as administrator).
:arrow: Download OTC http://oldtimer.geekstogo.com/OTC.exe , save it and run it.
Click CleanUp and then OK. After the cleanup the PC will restart.

:arrow: Download TFC http://oldtimer.geekstogo.com/TFC.exe , save it and run it.
Click START and then OK. After the cleanup the PC will restart.
After use you can delete the program.

:arrow: Download CCleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ and run it.
During installation watch out for the toolbar; if it offers to install it, untick the checkbox.
After launch you will be in the Cleaner function. There are a lot of checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it ticked, it will be emptied every time.
Also, depending on how it is set up, it will delete all passwords saved on the web!!! So if you have the computer set to remember passwords (which is not good for security), you will have to type them in again by hand afterwards (e.g. mail, Facebook, various forums, etc.)
Click Analyze and, once the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for Issues; when it finds some, click Fix issues. It will offer you a backup; make one and save it somewhere you can find it if needed :)
The Tools function lets you uninstall programs. It is more thorough than Windows itself!

:arrow: Defragment the disk
Download, for example, the program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
During installation, again watch out for the toolbar.
After installation run the program and click Analyze; after the analysis click Defrag and the program will do its job :)


And if there is no problem, that will be all.

Davidov

Re: Requesting a preventive check, thank you.

#19 Post by Davidov »

Thanks, and may you have many happy logs :-) (and money, that's good too :-DDD)

Márty84

Re: Requesting a preventive check, thank you.

#20 Post by Márty84 »

You're welcome :wink:

Thanks for the wish :) I don't know whether the logs will be happy, but hopefully the visitors will be :D And money? What for? :lol:

Good luck, take care :bye: