Prosim o kontrolu log

[vlk1120]

Prosim o kontrolu log

Vim,ze mam slaby hardisk,,ale vse slape zatim dobre,,jen posledni dobou mi naskakuji v prohlizeci nove okna-reklamy...Projel jsem to antivirem a nic nenasel.Zmenil jsem i prohlizec Mozilu za Chrome,,ale deje se to stale.
V Mozile jsem mel nejaky doplnek HD-plus,,ktery nesel odinstalovat.

Zde je log.


Logfile of random's system information tool 1.09 (written by random/random)
Run by VK at 2014-03-12 16:12:46
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (24%) free of 7 GB
Total RAM: 1271 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:12:58, on 12.3.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\VK\Plocha\RSIT.exe
C:\Program Files\trend micro\VK.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:0/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: CrossriderApp0050778 - {11111111-1111-1111-1111-110511071178} - C:\Program Files\Plus-HD-7.6\Plus-HD-7.6-bho.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [mshaswfSrv] C:\WINDOWS\inf\mshaswf.vbe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

--
End of file - 3721 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
C:\WINDOWS\tasks\Plus-HD-7.6-codedownloader.job
C:\WINDOWS\tasks\Plus-HD-7.6-enabler.job
C:\WINDOWS\tasks\Plus-HD-7.6-firefoxinstaller.job
C:\WINDOWS\tasks\Plus-HD-7.6-updater.job
C:\WINDOWS\tasks\Plus-HD-7.6-validator.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511071178}]
Plus-HD-7.6 - C:\Program Files\Plus-HD-7.6\Plus-HD-7.6-bho.dll [2014-02-25 633704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-06-21 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-06-21 126976]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-03 577536]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"mshaswfSrv"=C:\WINDOWS\inf\mshaswf.vbe [2013-08-27 1558]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2005-06-21 348160]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\System32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-03-12 16:12:47 ----D---- C:\Program Files\trend micro
2014-03-12 16:12:46 ----D---- C:\rsit
2014-03-05 15:19:57 ----A---- C:\WINDOWS\system32\MSVCR71.DLL
2014-03-05 15:19:57 ----A---- C:\WINDOWS\system32\ATL71.DLL
2014-03-05 15:19:56 ----A---- C:\WINDOWS\system32\MSVCP71.DLL
2014-03-05 15:19:56 ----A---- C:\WINDOWS\system32\MFC71U.DLL
2014-03-05 15:19:55 ----A---- C:\WINDOWS\system32\MFC71.DLL
2014-02-25 15:22:42 ----D---- C:\Program Files\Plus-HD-7.6
2014-02-25 15:20:49 ----D---- C:\Program Files\TapinRadio
2014-02-22 23:52:19 ----D---- C:\Documents and Settings\VK\Data aplikací\BSplayer
2014-02-15 09:16:01 ----D---- C:\Program Files\Mozilla Firefox
2014-02-15 08:41:42 ----D---- C:\Program Files\Seznam.cz
2014-02-15 08:39:28 ----D---- C:\Documents and Settings\VK\Data aplikací\Seznam.cz

======List of files/folders modified in the last 1 month======

2014-03-12 16:12:51 ----D---- C:\WINDOWS\Prefetch
2014-03-12 16:12:47 ----RD---- C:\Program Files
2014-03-12 15:37:12 ----SHD---- C:\WINDOWS\Installer
2014-03-12 15:37:06 ----D---- C:\WINDOWS\Temp
2014-03-12 15:26:42 ----D---- C:\Program Files\Google
2014-03-12 15:25:22 ----SD---- C:\WINDOWS\Tasks
2014-03-12 15:22:34 ----D---- C:\WINDOWS\system32\CatRoot2
2014-03-12 14:54:14 ----D---- C:\WINDOWS
2014-03-11 22:48:30 ----N---- C:\WINDOWS\SchedLgU.Txt
2014-03-11 15:18:34 ----D---- C:\WINDOWS\system32
2014-02-28 15:05:48 ----D---- C:\WINDOWS\SoftwareDistribution
2014-02-22 20:45:13 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-09-27 214696]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-06-21 807998]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-04-14 272896]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-03-12 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-22 257928]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-03-12 116648]

-----------------EOF-----------------

[cernohous13]

Vítám tě u nás

začneme tímto:
Stáhni Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Ulož jej na plochu a spusť - zobrazí se licenční podminky -> start libovolnou klávesou.
Bude vytvořena záloha a proběhne skenování.
Vyskočí log (nebo je uložen zde c:\JRT jako JRT.txt) - zkopíruj jej sem

Stáhni AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Ulož nejlépe na plochu -> ukonči všechny programy -> spusť AdwCleaner -> klikni na Scan po dokončení na Clean
bude provedena oprava, restartuje se - (případně restartuj) a vypadne log C:\AdwCleaner\AdwCleaner[S?].txt , jeho obsah vložíš sem

[vlk1120]

Zde je log z JRT


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Microsoft Windows XP x86
Ran by VK on st 12.03.2014 at 17:20:24,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0050778.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0050778.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0050778.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0050778.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110511071178}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220522072278}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550555075578}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660566076678}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440544074478}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0050778.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0050778.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0050778.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0050778.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550555075578}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660566076678}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440544074478}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511071178}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110511071178}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511071178}



~~~ Files

Successfully deleted: [File] C:\WINDOWS\Tasks\Plus-HD-7.6-codedownloader.job
Successfully deleted: [File] C:\WINDOWS\Tasks\Plus-HD-7.6-enabler.job
Successfully deleted: [File] C:\WINDOWS\Tasks\Plus-HD-7.6-firefoxinstaller.job
Successfully deleted: [File] C:\WINDOWS\Tasks\Plus-HD-7.6-updater.job
Successfully deleted: [File] C:\WINDOWS\Tasks\Plus-HD-7.6-validator.job



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 12.03.2014 at 17:35:30,28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







Zde je druhy log



# AdwCleaner v3.021 - Report created 12/03/2014 at 17:44:47
# Updated 10/03/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : VK - VLK-PMUUSNLMX3A
# Running from : C:\Documents and Settings\VK\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\SimilarSites
Folder Deleted : C:\Program Files\Plus-HD-7.6
Folder Deleted : C:\Documents and Settings\VK\Local Settings\Data aplikací\FilesFrog Update Checker
Folder Deleted : C:\Documents and Settings\VK\Data aplikací\SimilarSites
File Deleted : C:\Program Files\Mozilla Firefox\.autoreg

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a29a50b7-9687-4473-9a51-e6987fa15fc7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b12ceca4-637c-4638-b748-c13b229c2191}
Key Deleted : HKCU\Software\Plus-HD-7.6
Key Deleted : HKLM\Software\Plus-HD-7.6

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.5512


-\\ Google Chrome v33.0.1750.149

[ File : C:\Documents and Settings\VK\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1775 octets] - [12/03/2014 17:41:17]
AdwCleaner[S0].txt - [1383 octets] - [12/03/2014 17:44:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1443 octets] ##########

[cernohous13]

Zatím dobré a teď si střihneme MBAM

Stáhni a nainstaluj MBAM zde http://www.malwarebytes.org/products/malwarebytes_free/
Spustit -> na 3.záložce "Aktualizace" -> Kontrola aktualizací (možná bude provedeno automaticky)
následně na 1.záložce "Kontrolor" -> Úplná kontrola -> Prohledat
po dokončení scanu vyskočí okno Notepad s výsledkem - obsah zkopíruj do své odpovědi
zatím nic nemazat - počkej na posouzení

[vlk1120]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.03.12.10

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
VK :: VLK-PMUUSNLMX3A [administrátor]

Ochrana: Povolena

12.3.2014 19:15:48
MBAM-log-2014-03-12 (20-21-06).txt

Typ: Kompletní kontrola (C:\|D:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 212164
Uplynulý čas: 57 minut, 55 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|mshaswfSrv (Trojan.Agent.VBSGen) -> Data: C:\WINDOWS\inf\mshaswf.vbe -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 20
C:\AdwCleaner\Quarantine\C\Program Files\Plus-HD-7.6\Plus-HD-7.6-bg.exe.vir (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\Plus-HD-7.6\Plus-HD-7.6-bho.dll.vir (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\Plus-HD-7.6\Plus-HD-7.6-codedownloader.exe.vir (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\Plus-HD-7.6\Plus-HD-7.6-enabler.exe.vir (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\Plus-HD-7.6\Plus-HD-7.6-firefoxinstaller.exe.vir (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\Plus-HD-7.6\Plus-HD-7.6-updater.exe.vir (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\Plus-HD-7.6\Plus-HD-7.6-validator.exe.vir (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\Plus-HD-7.6\utils.exe.vir (PUP.Optional.CrossRider) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{CD901182-CDC2-4553-95A6-4A8E15EC1CEF}\RP92\A0015140.exe (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{CD901182-CDC2-4553-95A6-4A8E15EC1CEF}\RP92\A0015141.dll (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{CD901182-CDC2-4553-95A6-4A8E15EC1CEF}\RP92\A0015142.exe (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{CD901182-CDC2-4553-95A6-4A8E15EC1CEF}\RP92\A0015143.exe (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{CD901182-CDC2-4553-95A6-4A8E15EC1CEF}\RP92\A0015144.exe (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{CD901182-CDC2-4553-95A6-4A8E15EC1CEF}\RP92\A0015145.exe (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{CD901182-CDC2-4553-95A6-4A8E15EC1CEF}\RP92\A0015146.exe (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{CD901182-CDC2-4553-95A6-4A8E15EC1CEF}\RP92\A0015149.exe (PUP.Optional.CrossRider) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\msoeqxq\msoeqxq.exe (BitcoinMiner) -> Nebyla provedena žádná instrukce.
D:\Setupy\bsplayer265.1074.exe (PUP.Optional.Conduit) -> Nebyla provedena žádná instrukce.
D:\Setupy\GotClip_Setup.exe (PUP.Adbundler) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\mshaswf.vbe (Trojan.Agent.VBSGen) -> Nebyla provedena žádná instrukce.

(konec)

[cernohous13]

Nechej v MBAM vše "Odstranit..."

napiš jak se na to tváří PC

[vlk1120]

Po restartu pri najizdeni Windows se to jakoby na par vterin seklo,,ale najelo to,,jsem se lek,,ze se neco deje,,ale o.k.

Jinak to vypada dobre,,kdyz jsem na netu,,tak zatim zadna reklama nenaskocila,,sice to nedelalo stale,,jen nekdy,,ale vypada to dobre.

Jeste jsem se chtel zminit,ze mam vypnute aktualizace Windows,,,mam je nechat stale vypnute?

[cernohous13]

Při restartu mohl ještě MBAM mazat - odinstaluj ho

Automatické aktualizace můžeš nastavit na "Oznamovat..."
a v IE jít na http://update.microsoft.com/microsoftup ... aspx?ln=cs
jestli to máš vypnuté dlouho, tak to chvíli potrvá

systém by měl být aktualizovaný - otázka bezpečnosti

[vlk1120]

Tak vypada to v pohode,,jede bez potizi a v prohlizeci uz reklamy nejsou.

Aktualizace jsem zapnul.

[cernohous13]

Vidíš jak jsi šikovný

[vlk1120]

Moc dekuji za rady.

Nashle

[cernohous13]

Nemáš zač - rádo se stalo a jsme tady i příště