Aspire One D255, Acer, Intel Atom, W XP

shishinka
Visitor
Posts: 81
Joined: 06 Apr 2011 23:15

Aspire One D255, Acer, Intel Atom, W XP

#1 Post by shishinka »

Hello, I need advice again, this time with a different PC. It is slow, the state is unchanged after defragmentation, and I ran cmd, so I am sending you the log.

Roli
VIP
Posts: 13399
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: Aspire One D255, Acer, Intel Atom, W XP

#2 Post by Roli »

Hello, yes, post the RSIT log here.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

shishinka
Visitor
Posts: 81
Joined: 06 Apr 2011 23:15

Re: Aspire One D255, Acer, Intel Atom, W XP

#3 Post by shishinka »


shishinka
Visitor
Posts: 81
Joined: 06 Apr 2011 23:15

Re: Aspire One D255, Acer, Intel Atom, W XP

#4 Post by shishinka »

----------------------------------------------------------------------------
CrystalDiskInfo 5.6.2 (C) 2008-2013 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2013/08/06 14:15:45

-- Controller Map ----------------------------------------------------------
+ Intel(R) NM10 Express Chipset [ATA]
- WDC WD1600BEVT-22A23T0

-- Disk List ---------------------------------------------------------------
(1) WDC WD1600BEVT-22A23T0 : 160,0 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD1600BEVT-22A23T0
----------------------------------------------------------------------------
Model : WDC WD1600BEVT-22A23T0
Firmware : 01.01A01
Serial Number : WD-WXM1A60H4443
Disk Size : 160,0 GB (8,4/137,4/160,0/160,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 312581808
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 1716 hours
Power On Count : 1407 count
Temparature : 41 C (105 F)
Health Status : Good
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Read Error Rate
03 154 130 _21 000000000514 Spin-Up Time
04 _82 _82 __0 000000004921 Start/Stop Count
05 200 200 140 000000000000 Reallocated Sectors Count
07 100 253 __0 000000000000 Seek Error Rate
09 _98 _98 __0 0000000006B4 Power-On Hours
0A 100 100 __0 000000000000 Spin Retry Count
0B 100 100 __0 000000000000 Recalibration Retries
0C _99 _99 __0 00000000057F Power Cycle Count
BF __1 __1 __0 000000004089 G-Sense Error Rate
C0 200 200 __0 000000000027 Power-off Retract Count
C1 137 137 __0 00000002E51B Load/Unload Cycle Count
C2 102 _91 __0 000000000029 Temperature
C4 200 200 __0 000000000000 Reallocation Event Count
C5 200 200 __0 000000000000 Current Pending Sector Count
C6 100 253 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
C8 100 253 __0 000000000000 Write Error Rate

Roli
VIP
Posts: 13399
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: Aspire One D255, Acer, Intel Atom, W XP

#5 Post by Roli »

Fix this in HJT:

O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL
O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.21.5\deltaTlbr.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [iPatchData] C:\Program Files\Acer\Updater\iUpdate.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\uzivatel\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [NTRedirect] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\uzivatel\Application Data\BabSolution\Shared\NTRedirect.dll",Run
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acer VCM.lnk = ?


You will find HJT here:

C:\Program Files\trend micro\uzivatel.exe

Fix means that you run HJT as admin,

in the window that opens you click Do a system scan only,

in the next window you find the lines I listed for you,

next to each of them is a checkbox, which you tick,

then you click Fix checked, which is at the bottom left,

the program asks whether you are sure; you of course agree with YES, and it is done.


Via Start >> Run >> type services.msc >> OK. Find the service:

Google Update Service (gupdate)

Google Update Service (gupdatem)


Double-clicking opens a dialog where you first stop the service with the Stop button, then under Startup type select Disabled and click OK.

Also, via Start >> All Programs >> Accessories >> System Tools >> Scheduled Tasks, remove the ones named above.


Via Start >> Control Panel >> Add or Remove Programs, uninstall Advanced SystemCare


Delete unneeded files

using CCleaner

guide:

Cleaner - here you clean the PC of unneeded files and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Download AdwCleaner and save it to the desktop,

close all programs including the browser and double-click to run it,

a window appears where you click Search at the bottom left.

The scan then runs, and when it finishes a log pops up, which you copy here for me.

shishinka
Visitor
Posts: 81
Joined: 06 Apr 2011 23:15

Re: Aspire One D255, Acer, Intel Atom, W XP

#6 Post by shishinka »


Roli
VIP
Posts: 13399
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: Aspire One D255, Acer, Intel Atom, W XP

#7 Post by Roli »

Run AdwCleaner again, but this time click Delete,

the PC will restart, and the junk is deleted during the restart.

After that a log pops up again, which you copy here for me.


P.S. please copy the logs normally into the reply

shishinka
Visitor
Posts: 81
Joined: 06 Apr 2011 23:15

Re: Aspire One D255, Acer, Intel Atom, W XP

#8 Post by shishinka »

# AdwCleaner v2.306 - Logfile created 08/08/2013 at 15:46:35
# Updated 19/07/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : uzivatel - ACER-89AD2EFE6F
# Boot Mode : Normal
# Running from : C:\Documents and Settings\uzivatel\My Documents\Preberanie\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : BrowserDefendert

***** [Files / Folders] *****

Deleted on reboot : C:\Documents and Settings\All Users\Application Data\BrowserDefender
Deleted on reboot : C:\Documents and Settings\uzivatel\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
File Deleted : C:\Documents and Settings\uzivatel\Application Data\Mozilla\Firefox\Profiles\13f1qhm7.default\bprotector_extensions.sqlite
File Deleted : C:\Documents and Settings\uzivatel\Application Data\Mozilla\Firefox\Profiles\13f1qhm7.default\bprotector_prefs.js
File Deleted : C:\Documents and Settings\uzivatel\Application Data\Mozilla\Firefox\Profiles\13f1qhm7.default\searchplugins\Babylon.xml
File Deleted : C:\Documents and Settings\uzivatel\Application Data\Mozilla\Firefox\Profiles\13f1qhm7.default\searchplugins\delta.xml
File Deleted : C:\Documents and Settings\uzivatel\Local Settings\Application Data\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Documents and Settings\uzivatel\Local Settings\Application Data\Google\Chrome\User Data\Default\bprotectorpreferences
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Partner
Folder Deleted : C:\Documents and Settings\uzivatel\Application Data\BabSolution
Folder Deleted : C:\Documents and Settings\uzivatel\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\uzivatel\Application Data\delta
Folder Deleted : C:\Documents and Settings\uzivatel\Application Data\dvdvideosoftiehelpers
Folder Deleted : C:\Documents and Settings\uzivatel\Application Data\Mozilla\Firefox\Profiles\13f1qhm7.default\extensions\ffxtlbr@delta.com
Folder Deleted : C:\Documents and Settings\uzivatel\Application Data\OpenCandy
Folder Deleted : C:\Program Files\delta

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\e53d68de56fee46
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\SOFTWARE\e53d68de56fee46
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKU\S-1-5-21-480437244-1749521121-372829268-1006\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{acaa314b-eeba-48e4-ad47-84e31c44796c}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=EE8D88AE1D899F51&affID=121564&tt=210713_nt&tsp=4951 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - bProtectTabs] = hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=EE8D88AE1D899F51&affID=121564&tt=210713_nt&tsp=4951 --> hxxp://www.google.com

-\\ Mozilla Firefox v22.0 (sk)

File : C:\Documents and Settings\uzivatel\Application Data\Mozilla\Firefox\Profiles\13f1qhm7.default\prefs.js

C:\Documents and Settings\uzivatel\Application Data\Mozilla\Firefox\Profiles\13f1qhm7.default\user.js ... Deleted !

Deleted : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=EE8D88AE1D899F51&[...]
Deleted : user_pref("browser.search.order.1", "Delta Search");
Deleted : user_pref("browser.search.selectedEngine", "Delta Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=EE8D88AE1D8[...]
Deleted : user_pref("extensions.delta.admin", false);
Deleted : user_pref("extensions.delta.aflt", "babsst");
Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Deleted : user_pref("extensions.delta.autoRvrt", "false");
Deleted : user_pref("extensions.delta.dfltLng", "en");
Deleted : user_pref("extensions.delta.excTlbr", false);
Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Deleted : user_pref("extensions.delta.id", "ee8dac2700000000000088ae1d899f51");
Deleted : user_pref("extensions.delta.instlDay", "15908");
Deleted : user_pref("extensions.delta.instlRef", "sst");
Deleted : user_pref("extensions.delta.newTab", false);
Deleted : user_pref("extensions.delta.prdct", "delta");
Deleted : user_pref("extensions.delta.prtnrId", "delta");
Deleted : user_pref("extensions.delta.rvrt", "false");
Deleted : user_pref("extensions.delta.smplGrp", "none");
Deleted : user_pref("extensions.delta.tlbrId", "base");
Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Deleted : user_pref("extensions.delta.vrsn", "1.8.21.5");
Deleted : user_pref("extensions.delta.vrsni", "1.8.21.5");
Deleted : user_pref("extensions.delta.vrsnTs", "1.8.21.512:29:06");
Deleted : user_pref("extensions.delta_i.babExt", "");
Deleted : user_pref("extensions.delta_i.babTrack", "affID=121564&tt=210713_nt&tsp=4951");
Deleted : user_pref("extensions.delta_i.srcExt", "ss");

-\\ Google Chrome v28.0.1500.95

File : C:\Documents and Settings\uzivatel\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted [l.2139] : homepage = "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=EE8D88AE1D899F51&affID=121564&tt=[...]
Deleted [l.2431] : urls_to_restore_on_startup = [ "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=EE8D88AE1[...]

*************************

AdwCleaner[R1].txt - [10552 octets] - [07/08/2013 00:46:33]
AdwCleaner[S1].txt - [10692 octets] - [08/08/2013 15:46:35]

########## EOF - C:\AdwCleaner[S1].txt - [10753 octets] ##########
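
Added example, not part of the thread and not written by either poster: Python that parses the `Action : target` lines of an AdwCleaner log like the one in #8 and checks which HijackThis entries from the fix list in #5 it removed, plus what is still pending a reboot. The function names are hypothetical, the sample lines are excerpts copied from those two posts, and matching by CLSID or by path under a deleted folder is an assumption that does not expand 8.3 short paths.

```python
import re

# Excerpts copied from the HijackThis fix list (#5) and the AdwCleaner [Delete] log (#8).
HJT_SAMPLE = r"""
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL
O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.21.5\deltaTlbr.dll
O4 - HKCU\..\Run: [NTRedirect] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\uzivatel\Application Data\BabSolution\Shared\NTRedirect.dll",Run
"""

ADW_SAMPLE = r"""
# Option [Delete]

***** [Services] *****

Stopped & Deleted : BrowserDefendert

***** [Files / Folders] *****

Deleted on reboot : C:\Documents and Settings\All Users\Application Data\BrowserDefender
Folder Deleted : C:\Documents and Settings\uzivatel\Application Data\BabSolution
Folder Deleted : C:\Program Files\delta

***** [Registry] *****

Key Deleted : HKCU\Software\Delta
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
"""

SECTION_RE = re.compile(r"^\*{5} \[(.+?)\] \*{5}$")
ENTRY_RE = re.compile(r"^(.+?) : (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
PATH_RE = re.compile(r'[A-Za-z]:\\[^"\n]*?\.(?:dll|exe)\b', re.IGNORECASE)


def parse_adwcleaner(text):
    """Return {section name: [(action, target), ...]} in log order."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and the '# ...' header block
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1)
            sections[current] = []
            continue
        m = ENTRY_RE.match(line)
        if m and current is not None:
            sections[current].append((m.group(1).strip(), m.group(2).strip()))
    return sections


def pending_on_reboot(sections):
    """Targets that are only gone after the restart; re-scan to confirm them."""
    return [t for entries in sections.values()
            for action, t in entries if action.lower() == "deleted on reboot"]


def cross_check(hjt_text, sections):
    """Pair each HijackThis line with the AdwCleaner targets that cover it."""
    targets = [t for entries in sections.values()
               for action, t in entries if "deleted" in action.lower()]
    report = []
    for line in filter(None, map(str.strip, hjt_text.splitlines())):
        hits = []
        for clsid in CLSID_RE.findall(line):
            hits += [t for t in targets if clsid.lower() in t.lower()]
        for path in PATH_RE.findall(line):
            p = path.lower()
            for t in targets:
                base = t.lower().rstrip("\\")
                # Only filesystem targets (drive letter) can contain a file path.
                if base[1:3] == ":\\" and (p == base or p.startswith(base + "\\")):
                    hits.append(t)
        report.append((line, hits))
    return report


def unresolved(report):
    """HijackThis lines that nothing in the AdwCleaner log accounts for."""
    return [line for line, hits in report if not hits]


if __name__ == "__main__":
    adw = parse_adwcleaner(ADW_SAMPLE)
    print("Pending on reboot:", pending_on_reboot(adw))
    for line in unresolved(cross_check(HJT_SAMPLE, adw)):
        print("Not covered by AdwCleaner:", line[:60])
```

An entry reported as not covered still has to be handled by the other steps in #5 (the HijackThis fix itself or the uninstall), so it is the list to re-check in a fresh scan.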

Roli
VIP
Posts: 13399
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: Aspire One D255, Acer, Intel Atom, W XP

#9 Post by Roli »

Download ComboFix and save it to the desktop,

run the application as Administrator and allow the installation of the Recovery Console.

A window with the license terms then appears, which you confirm by clicking YES,

then click YES once more and it is running.

The whole run takes around 10 minutes but can take longer; during the scan do not try to start anything else.

The PC may even be restarted during the scan; do not be alarmed.

Note: for the duration of the scan, turn off the resident shield of the antivirus and anti-spyware program,

because ComboFix tries to delete infected files and these programs can get in its way.

After the scan finishes, or after the restart that follows, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


If anything is unclear, there is an illustrated guide HERE.

shishinka
Visitor
Posts: 81
Joined: 06 Apr 2011 23:15

Re: Aspire One D255, Acer, Intel Atom, W XP

#10 Post by shishinka »

ComboFix 13-08-07.01 - uzivatel 09.08.2013 21:59:19.2.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1013.595 [GMT 2:00]
Running from: c:\documents and settings\uzivatel\My Documents\Preberanie\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((( Files Created from 2013-07-09 to 2013-08-09 )))))))))))))))))))))))))))))))
.
.
2013-08-09 11:25 . 2013-07-02 06:54 7143960 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C481332E-93A5-4457-88D9-6A1115B95CD4}\mpengine.dll
2013-08-06 22:39 . 2013-08-06 22:39 -------- d-----w- c:\program files\CCleaner
2013-08-06 12:13 . 2013-08-06 12:13 -------- d-----w- c:\program files\CrystalDiskInfo
2013-08-06 11:47 . 2013-08-06 22:27 -------- d-----w- c:\program files\trend micro
2013-08-06 11:47 . 2013-08-06 11:48 -------- d-----w- C:\rsit
2013-08-05 19:43 . 2008-04-14 03:42 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2013-08-05 19:43 . 2001-08-17 20:36 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2013-08-05 19:43 . 2008-04-14 03:42 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2013-08-05 19:43 . 2001-08-17 20:37 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2013-08-05 19:43 . 2001-08-17 20:37 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2013-08-05 19:43 . 2001-08-17 20:37 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2013-08-05 19:43 . 2001-08-17 10:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2013-08-05 19:43 . 2008-04-13 20:04 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2013-08-05 19:42 . 2008-04-13 20:04 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
2013-08-05 19:42 . 2008-04-14 03:42 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2013-08-05 19:42 . 2008-04-13 20:05 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys
2013-08-05 19:42 . 2001-08-17 10:12 34890 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys
2013-08-05 19:41 . 2001-08-17 11:28 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2013-08-05 19:41 . 2001-08-17 20:36 53760 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll
2013-08-05 19:41 . 2001-08-17 20:36 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2013-08-05 19:41 . 2001-08-17 11:28 701386 -c--a-w- c:\windows\system32\dllcache\wdhaalba.sys
2013-08-05 19:41 . 2008-04-13 22:15 31744 -c--a-w- c:\windows\system32\dllcache\wceusbsh.sys
2013-08-05 19:41 . 2008-04-13 20:04 23615 -c--a-w- c:\windows\system32\dllcache\wch7xxnt.sys
2013-08-05 19:41 . 2001-08-17 10:10 35871 -c--a-w- c:\windows\system32\dllcache\wbfirdma.sys
2013-08-05 19:41 . 2008-04-13 20:04 25471 -c--a-w- c:\windows\system32\dllcache\watv10nt.sys
2013-08-05 19:41 . 2008-04-13 20:04 22271 -c--a-w- c:\windows\system32\dllcache\watv06nt.sys
2013-08-05 19:41 . 2008-04-13 20:04 33599 -c--a-w- c:\windows\system32\dllcache\watv04nt.sys
2013-08-05 19:41 . 2008-04-13 20:04 19551 -c--a-w- c:\windows\system32\dllcache\watv02nt.sys
2013-08-05 19:41 . 2008-04-13 20:04 29311 -c--a-w- c:\windows\system32\dllcache\watv01nt.sys
2013-08-05 19:39 . 2001-08-17 11:49 24576 -c--a-w- c:\windows\system32\dllcache\viairda.sys
2013-08-05 19:39 . 2008-04-14 12:00 11325 -c--a-w- c:\windows\system32\dllcache\vchnt5.dll
2013-08-05 19:39 . 2001-08-17 11:28 687999 -c--a-w- c:\windows\system32\dllcache\usrwdxjs.sys
2013-08-05 19:39 . 2001-08-17 11:28 765884 -c--a-w- c:\windows\system32\dllcache\usrti.sys
2013-08-05 19:39 . 2001-08-17 11:28 113762 -c--a-w- c:\windows\system32\dllcache\usrpda.sys
2013-08-05 19:39 . 2001-08-17 11:28 7556 -c--a-w- c:\windows\system32\dllcache\usroslba.sys
2013-08-05 19:39 . 2001-08-17 11:28 224802 -c--a-w- c:\windows\system32\dllcache\usr1807a.sys
2013-08-05 19:39 . 2001-08-17 11:28 794399 -c--a-w- c:\windows\system32\dllcache\usr1806v.sys
2013-08-05 19:39 . 2001-08-17 11:28 793598 -c--a-w- c:\windows\system32\dllcache\usr1806.sys
2013-08-05 19:37 . 2001-08-17 20:36 50176 -c--a-w- c:\windows\system32\dllcache\umaxp60.dll
2013-08-05 19:37 . 2001-08-17 20:36 47616 -c--a-w- c:\windows\system32\dllcache\umaxcam.dll
2013-08-05 19:37 . 2001-08-17 20:36 211968 -c--a-w- c:\windows\system32\dllcache\um54scan.dll
2013-08-05 19:37 . 2001-08-17 20:36 216064 -c--a-w- c:\windows\system32\dllcache\um34scan.dll
2013-08-05 19:37 . 2008-04-13 22:06 44672 -c--a-w- c:\windows\system32\dllcache\uagp35.sys
2013-08-05 19:37 . 2001-08-17 11:48 11520 -c--a-w- c:\windows\system32\dllcache\twotrack.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-02 06:54 . 2012-12-05 12:42 7143960 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-06-12 15:32 . 2012-11-28 13:44 692104 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-12 15:32 . 2012-11-28 13:44 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-05 17:50 . 2013-06-05 17:50 25200 -c--a-w- c:\windows\system32\drivers\ggsemc.sys
2013-06-05 17:50 . 2013-06-05 17:50 1461992 -c--a-w- c:\windows\system32\WdfCoInstaller01009.dll
2013-06-05 17:50 . 2013-06-05 17:50 12400 -c--a-w- c:\windows\system32\drivers\ggflt.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-26 17:40 120176 ----a-w- c:\program files\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\java.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Documents and Settings\\uzivatel\\Local Settings\\Application Data\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 MpKslf44af8cb;MpKslf44af8cb;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C481332E-93A5-4457-88D9-6A1115B95CD4}\MpKslf44af8cb.sys [9.8.2013 16:51 29904]
R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\drivers\mwlPSDFilter.sys [9.8.2010 8:21 17840]
R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\drivers\mwlPSDNserv.sys [9.8.2010 8:21 15280]
R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\drivers\mwlPSDVDisk.sys [9.8.2010 8:21 58800]
R2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [9.8.2010 15:45 321104]
R2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [9.8.2010 8:29 260640]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [21.5.2012 13:53 103424]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [9.8.2010 15:45 61552]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [3.6.2013 16:21 162408]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [9.8.2010 7:46 1691480]
S3 EUCR;EUCR;c:\windows\system32\drivers\EUCR6SK.sys [9.8.2010 7:48 82384]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [5.6.2013 19:50 12400]
S3 MWLService;MyWinLocker Service;c:\program files\EgisTec MyWinLocker\x86\MWLService.exe [26.5.2010 19:41 305520]
S4 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5.6.2013 22:40 116648]
S4 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [5.6.2013 22:40 116648]
S4 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [5.6.2013 19:30 155824]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSLF44AF8CB
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-31 17:56 1173456 ----a-w- c:\program files\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-28 15:32]
.
2013-08-06 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-480437244-1749521121-372829268-1006Core.job
- c:\documents and settings\uzivatel\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2013-06-04 20:36]
.
2013-08-09 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-480437244-1749521121-372829268-1006UA.job
- c:\documents and settings\uzivatel\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2013-06-04 20:36]
.
2013-08-08 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 14:39]
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 168.95.1.1
FF - ProfilePath - c:\documents and settings\uzivatel\Application Data\Mozilla\Firefox\Profiles\13f1qhm7.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-08-09 22:05
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
Completion time: 2013-08-09 22:07:52
ComboFix-quarantined-files.txt 2013-08-09 20:07
ComboFix2.txt 2013-08-09 15:13
.
Pre-Run: 64 614 273 024 bytes free
Post-Run: 13 adresárov, 64 608 808 960 voľných bajtov
.
- - End Of File - - 2D66B1F49B9A291541C18584543CE159
A36C5E4F47E84449FF07ED3517B43A31

Re: Aspire One D255, Acer, Intel Atom, W XP

#11 Post by Roli »

If you haven't done so already, move Combofix to the Desktop

open Notepad

copy the script from the following box into it:

Code:

File::  
c:\documents and settings\uzivatel\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-480437244-1749521121-372829268-1006Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-480437244-1749521121-372829268-1006UA.job

save the TXT file you created as CFScript.txt on the Desktop,

after saving, grab the created script with the left mouse button and drag it over the Combofix icon, where you drop it.

After it has been applied, another log will pop up; copy it here

Warning: it may happen that after the script is applied and the machine restarts, Windows will not boot,

in that case restart again while pressing F8, then choose Last Known Good Configuration