Prosím o kontrolu

Zpráva

Iva212 · #1 Příspěvek od **Iva212** » 07 lis 2014 14:41

Prosím o kontrolu a myslím, že sú tu aj nejaké toolbary a objavila som tu aj ask a neviem sa ho zbaviť.
PC je mojej sestry a synovci tu zrejme kdečo bez dozoru a rozmyslu inštalujú a popritom sem zrejme zavliekli aj ten ask a asi aj tie toolbary nejaké.

Počítač je pomalší a stále tu, dokonca aj na tejto vašej stránke vyskakujú všemožné reklamy a po spustení mozily avast stále blokuje nejakú stránku.

fastgroupchinayor .... net alebo čo tam je písané a ako pozerám každú chvíľu to vyhadzuje najakú inú stánku .... prikladám RSIT

dakujem

Logfile of random's system information tool 1.10 (written by random/random)
Run by alfaomega at 2014-11-07 14:35:24
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 123 GB (82%) free of 150 GB
Total RAM: 2037 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:35:47, on 7. 11. 2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft\BingBar\7.1.362.0\BBSvc.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\EPSON\MyEpson Portal\mepService.exe
C:\Program Files\PDF Architect\HelperService.exe
C:\Program Files\PDF Architect\ConversionService.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\EPSON\MyEpson Portal\mep.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\alfaomega\Dokumenty\Preberanie\RSIT.exe
C:\Program Files\trend micro\alfaomega.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN10647A& ... 50-381&t=4
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Linkey - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\PROGRA~1\Linkey\IEEXTE~1\iedll.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.362.0\BingExt.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\7.1.362.0\BingExt.dll" (file missing)
O3 - Toolbar: (no name) - {95bef0b1-9d3a-41f3-bb8b-8275aaa48c66} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON L800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIG5P.EXE /FU "C:\WINDOWS\TEMP\E_S3BA.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Zoner Photo Studio Service 16] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Default user')
O4 - Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MyEpson Portal Service - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\MyEpson Portal\mepService.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files\PDF Architect\ConversionService.exe

--
End of file - 7607 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-1659004503-839522115-1004Core.job - C:\Documents and Settings\alfaomega\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-1659004503-839522115-1004UA.job - C:\Documents and Settings\alfaomega\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\alfaomega\Data aplikací\Mozilla\Firefox\Profiles\1pws94c3.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "https://www.google.sk/"
prefs.js - "keyword.URL" - "http://dts.search.ask.com/sr?src=ffb&gc ... PN10647&q="

"FFPDFArchitectConverter@pdfarchitect.com"=C:\Program Files\PDF Architect\FFPDFArchitectExt
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
npPDFXCviewNPPlugin.dll

C:\Documents and Settings\alfaomega\Data aplikací\Mozilla\Firefox\Profiles\1pws94c3.default\extensions\
cxczlj@hslxgrbp.co.uk
zu5uyio@ukeao-yieo.com
{95bef0b1-9d3a-41f3-bb8b-8275aaa48c66}
{db615d8a-b766-4397-9ef1-0eeaf684d8da}

C:\Documents and Settings\alfaomega\Data aplikací\Mozilla\Firefox\Profiles\1pws94c3.default\searchplugins\
Ask.xml
default-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}]
Linkey - C:\PROGRA~1\Linkey\IEEXTE~1\iedll.dll [2014-04-15 182800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-01 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 319488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13 1307928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 319488]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13 1307928]
{95bef0b1-9d3a-41f3-bb8b-8275aaa48c66}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-12-18 150040]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-12-18 178712]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-12-18 150040]
"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-01 4085896]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2013-10-04 20145368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"EPSON L800 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIG5P.EXE [2010-12-07 208384]
"Zoner Photo Studio Service 16"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2013-12-13 831488]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2013-12-13 831488]

C:\Documents and Settings\alfaomega\Nabídka Start\Programy\Po spuštění
Orezávač obrazovky a spúšťač programu OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-12-12 217088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Empire Interactive\FlatOut2\flatout2.exe"="C:\Program Files\Empire Interactive\FlatOut2\flatout2.exe:*:Enabled:FlatOut2"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe"="C:\Program Files\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe:*:Enabled:Movies Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Empire Interactive\FlatOut2\flatout2.exe"="C:\Program Files\Empire Interactive\FlatOut2\flatout2.exe:*:Enabled:FlatOut2"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-11-07 14:35:24 ----D---- C:\rsit
2014-11-07 14:35:24 ----D---- C:\Program Files\trend micro
2014-11-02 14:37:05 ----D---- C:\spoolerlogs
2014-10-14 18:21:07 ----D---- C:\Program Files\Mozilla Firefox
2014-10-11 12:23:44 ----D---- C:\Documents and Settings\alfaomega\Data aplikací\EZDownloader
2014-10-11 08:42:46 ----A---- C:\WINDOWS\system32\hidserv.dll
2014-10-11 08:42:42 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2014-10-11 07:43:43 ----A---- C:\WINDOWS\vncutil.exe
2014-10-11 07:43:43 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2014-10-11 07:43:43 ----A---- C:\WINDOWS\RtlUpd.exe
2014-10-11 07:43:43 ----A---- C:\WINDOWS\RTLCPL.EXE
2014-10-11 07:43:42 ----A---- C:\WINDOWS\system32\RtkCoLDRXP.dll
2014-10-11 07:43:42 ----A---- C:\WINDOWS\system32\RtkCoInstIIXP.dll
2014-10-11 07:43:42 ----A---- C:\WINDOWS\system32\drivers\RtkHDAud.sys
2014-10-11 07:43:42 ----A---- C:\WINDOWS\RtkAudioService.exe
2014-10-11 07:43:40 ----A---- C:\WINDOWS\system32\drivers\RTAIODAT.DAT
2014-10-11 07:43:40 ----A---- C:\WINDOWS\system32\drivers\Monfilt.sys
2014-10-11 07:43:40 ----A---- C:\WINDOWS\RTHDCPL.EXE
2014-10-11 07:43:40 ----A---- C:\WINDOWS\MicCal.exe
2014-10-11 07:43:38 ----A---- C:\WINDOWS\system32\drivers\Ambfilt.sys
2014-10-11 07:43:38 ----A---- C:\WINDOWS\ALCWZRD.EXE
2014-10-11 07:43:38 ----A---- C:\WINDOWS\ALCMTR.EXE
2014-10-11 07:43:33 ----A---- C:\WINDOWS\RtlExUpd.dll

======List of files/folders modified in the last 1 month======

2014-11-07 14:35:31 ----D---- C:\WINDOWS\Prefetch
2014-11-07 14:35:24 ----D---- C:\Program Files
2014-11-07 14:29:04 ----D---- C:\WINDOWS\Debug
2014-11-07 14:29:04 ----D---- C:\WINDOWS
2014-11-07 14:28:10 ----D---- C:\WINDOWS\system32\CatRoot2
2014-11-07 14:28:07 ----D---- C:\WINDOWS\Temp
2014-11-07 14:28:05 ----D---- C:\WINDOWS\system32\ias
2014-11-07 14:26:50 ----N---- C:\WINDOWS\SchedLgU.Txt
2014-11-07 14:26:26 ----D---- C:\WINDOWS\system32
2014-11-02 13:53:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2014-10-26 08:46:15 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-16 06:05:06 ----D---- C:\WINDOWS\system32\MRT
2014-10-16 06:00:52 ----A---- C:\WINDOWS\system32\MRT.exe
2014-10-16 05:51:05 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-10-11 12:24:07 ----SD---- C:\Documents and Settings\alfaomega\Data aplikací\Microsoft
2014-10-11 12:23:44 ----D---- C:\Program Files\EZDownloader
2014-10-11 08:42:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-10-11 08:42:43 ----D---- C:\WINDOWS\system32\drivers
2014-10-11 08:42:29 ----HD---- C:\WINDOWS\inf
2014-10-11 07:43:57 ----D---- C:\WINDOWS\system32\RTCOM
2014-10-11 07:43:38 ----HD---- C:\Program Files\InstallShield Installation Information
2014-10-11 07:43:38 ----D---- C:\Program Files\Realtek

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-08-01 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-08-01 192352]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2014-08-01 55112]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-08-01 779536]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-08-01 414520]
R1 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2014-08-01 57800]
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files\Movies Toolbar\Datamngr\setmgrc2.cfg []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-08-01 24184]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-08-01 67824]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2006-03-02 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2006-03-02 55936]
R3 admjoy;Aureal Game Port Enumerator; C:\WINDOWS\system32\DRIVERS\admjoy.sys [2008-04-13 10880]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-12-12 6048768]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2013-12-10 5630168]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-06-05 142336]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 ASInsHelp;ASInsHelp; \??\C:\WINDOWS\system32\drivers\AsInsHelp32.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgandnetdiag.sys [2012-07-03 23040]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem.sys [2012-07-03 27776]
S3 cpuz134;cpuz134; \??\C:\Program Files\CPUID\PC Wizard 2010\pcwiz_x32.sys []
S3 cpuz136;cpuz136; \??\C:\Program Files\CPUID\PC Wizard 2013\pcwiz_x32.sys []
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver; \??\C:\WINDOWS\system32\drivers\massfilter_hs.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 zghsser;ZTE General Handset Serial Port; C:\WINDOWS\system32\DRIVERS\zghsser.sys [2012-10-31 116232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-01 50344]
R2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.1.362.0\BBSvc.exe [2012-02-13 193816]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MyEpson Portal Service;MyEpson Portal Service; C:\Program Files\EPSON\MyEpson Portal\mepService.exe [2012-07-26 703616]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2014-01-23 1335344]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2014-01-23 856112]
R2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 32768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.1.362.0\SeaPort.exe [2012-02-13 240408]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;Tiskový server TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2006-03-02 19456]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-14 114288]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SNMPTRAP;Zachytávání pro službu SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **cernohous13** » 07 lis 2014 16:58

Zdravím,

Stáhni Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Ulož jej na plochu a spusť - zobrazí se licenční podminky -> start libovolnou klávesou.
Bude vytvořena záloha a proběhne skenování.
Vyskočí log (nebo je uložen zde c:\JRT jako JRT.txt) - zkopíruj jej sem

Stáhni AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
https://toolslib.net/downloads/finish/1/
http://www.bleepingcomputer.com/download/adwcleaner/
Ulož nejlépe na plochu -> ukonči všechny programy -> spusť AdwCleaner -> klikni na Scan po dokončení na Clean
bude provedena oprava, restartuje se - (případně restartuj) a vypadne log C:\AdwCleaner\AdwCleaner[S?].txt , jeho obsah vložíš sem

pravděpodobně budeš nucena vypnout na tu chvíli antivir - je to čisté, prověřeno

vyosek píše: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Po spuštění do okna vlozte skript nize
Kód: Vybrat vše
srinfo;
autoclean;
emptyclsid;
iedefaults;
process;
hijackthis;
emptyalltemp;
resethosts;
Nasledne kliknete na Run Script

PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
Log bude zde C:\zoek-results.log

Iva212 · #3 Příspěvek od **Iva212** » 07 lis 2014 20:15

JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.6 (11.05.2014:1)
OS: Microsoft Windows XP x86
Ran by alfaomega on pi 07. 11. 2014 at 20:04:32,84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Failed to stop: [Service] f06deff2-5b9c-490d-910f-35d3a9119622

~~~ Registry Values

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-343818398-1659004503-839522115-1004\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\alfaomega\Data aplikacˇ\opencandy"
Successfully deleted: [Folder] "C:\Documents and Settings\alfaomega\Data aplikacˇ\pdfforge"
Successfully deleted: [Folder] "C:\Documents and Settings\alfaomega\Data aplikacˇ\searchresultstb"
Successfully deleted: [Folder] "C:\Documents and Settings\alfaomega\Data aplikacˇ\systweak"
Successfully deleted: [Folder] "C:\Program Files\movies toolbar"
Successfully deleted: [Folder] "C:\Program Files\plurpush"

~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\alfaomega\Data aplikacˇ\mozilla\firefox\profiles\1pws94c3.default\searchplugins\ask.xml
Successfully deleted: [File] C:\Documents and Settings\alfaomega\Data aplikacˇ\mozilla\firefox\profiles\1pws94c3.default\searchplugins\default-search.xml
Successfully deleted the following from C:\Documents and Settings\alfaomega\Data aplikacˇ\mozilla\firefox\profiles\1pws94c3.default\prefs.js

user_pref("browser.search.defaultenginename", "Ask.com");
user_pref("browser.search.order.1", "Ask.com");
user_pref("browser.search.selectedEngine", "Ask.com");
user_pref("extensions.46BCZPe.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-
user_pref("extensions.P5w_cc0MJs.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\"
user_pref("extensions.P5w_cc0MJs.url", "hxxp://getjpi77.info/sync2/?q=hfZ9ofV9CShEAen0rTYErchTB6lKDzt4olqvtNtVh7n0rjnEqTw6rjUHpjr6tMFHhd9Fqda6rHwEqHnFrjCMDMlGojUMAe4UojC6rja8p
user_pref("keyword.URL", "hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=0&systemid=405&v=a13350-381&apn_dtid=BND405&apn_ptnrs=AG8&apn_uid=3035352517954345&o=APN10647&q=");

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pi 07. 11. 2014 at 20:09:49,28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Iva212 · #4 Příspěvek od **Iva212** » 07 lis 2014 20:21

ADW

nech sa páči

# AdwCleaner v3.311 - Report created 07/11/2014 at 20:18:10
# Updated 30/09/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : alfaomega - IVO
# Running from : C:\Documents and Settings\alfaomega\Plocha\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Adblocker
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\DataMngr
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\systemk
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ssave on
Folder Deleted : C:\Documents and Settings\All Users\Nabídka Start\Programy\EZDownloader
Folder Deleted : C:\Program Files\Adblocker
Folder Deleted : C:\Program Files\EZDownloader
Folder Deleted : C:\Program Files\Linkey
Folder Deleted : C:\Program Files\Settings Manager
Folder Deleted : C:\Program Files\ssave on
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Chromatic Browser
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\torch
Folder Deleted : C:\Documents and Settings\alfaomega\Local Settings\Data aplikací\Chromatic Browser
Folder Deleted : C:\Documents and Settings\alfaomega\Local Settings\Data aplikací\torch
Folder Deleted : C:\Documents and Settings\alfaomega\Data aplikací\0H1F2WtF1L1G1R
Folder Deleted : C:\Documents and Settings\alfaomega\Data aplikací\EZDownloader
Folder Deleted : C:\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar
Folder Deleted : C:\Documents and Settings\alfaomega\Data aplikací\WebExtend
Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Chromatic Browser
Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\torch
Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Chromatic Browser
Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\torch
Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Chromatic Browser
Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\torch
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\alfaomega\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\alfaomega\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\alfaomega\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\alfaomega\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\alfaomega\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\alfaomega\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\alfaomega\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\alfaomega\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\alfaomega\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lemlkbbiegaemaahmjpcmigkkchbeglm
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\alfaomega\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\npmonechgpijbjnbimkdcamnidgdhidi
File Deleted : C:\Documents and Settings\All Users\Plocha\EZDownloader.lnk
File Deleted : C:\WINDOWS\system32\roboot.exe
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\Ask.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\default-search.xml

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh
Key Deleted : HKLM\SOFTWARE\Classes\Linkey.Linkey
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe]
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\PlurPush
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SystemK
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\SOFTWARE\Linkey
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\PlurPush
Key Deleted : HKLM\SOFTWARE\SystemK
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\vDownloader Packages
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PlurPush
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Linkey
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\vDownloader Packages
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PlurPush
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Settings Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v33.0.3 (x86 sk)

[ File : C:\Documents and Settings\alfaomega\Data aplikací\Mozilla\Firefox\Profiles\1pws94c3.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Documents and Settings\alfaomega\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://www.default-search.net/search?sid=503&a ... earchTerms}
Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=0&systemid=405&v=a13350-381&apn_uid=3035352517954345&apn_dtid=BND405&o=APN10647&apn_ptnrs=AG8&q={searchTerms}
Deleted [Startup_urls] : hxxp://www.search.ask.com/?o=APN10647A&gct=hp& ... 50-381&t=4
Deleted [Startup_urls] : hxxp://www.default-search.net?sid=503&aid=100& ... 81&src=hmp
Deleted [Homepage] : hxxp://www.search.ask.com/?o=APN10647A&gct=hp& ... 50-381&t=4
Deleted [Extension] : lemlkbbiegaemaahmjpcmigkkchbeglm
Deleted [Extension] : npmonechgpijbjnbimkdcamnidgdhidi

*************************

AdwCleaner[R0].txt - [16769 octets] - [07/11/2014 20:16:42]
AdwCleaner[S0].txt - [16882 octets] - [07/11/2014 20:18:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16943 octets] ##########

Iva212 · #5 Příspěvek od **Iva212** » 07 lis 2014 20:43

ZOEK

nech sa páči

Zoek.exe v5.0.0.0 Updated 06-November-2014
Tool run by alfaomega on pi 07. 11. 2014 at 20:24:12,21.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\alfaomega\Plocha\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

7. 11. 2014 20:24:50 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-343818398-1659004503-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-343818398-1659004503-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-343818398-1659004503-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95BEF0B1-9D3A-41F3-BB8B-8275AAA48C66} deleted successfully
HKEY_USERS\S-1-5-21-343818398-1659004503-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95BEF0B1-9D3A-41F3-BB8B-8275AAA48C66} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95BEF0B1-9D3A-41F3-BB8B-8275AAA48C66} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-343818398-1659004503-839522115-1004\Software\Microsoft\Internet Explorer\Approved Extensions\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully
HKEY_USERS\S-1-5-21-343818398-1659004503-839522115-1004\Software\Microsoft\Internet Explorer\Approved Extensions\{54739D49-AC03-4C57-9264-C5195596B3A1} deleted successfully
HKEY_USERS\S-1-5-21-343818398-1659004503-839522115-1004\Software\Microsoft\Internet Explorer\Approved Extensions\{95BEF0B1-9D3A-41F3-BB8B-8275AAA48C66} deleted successfully
HKEY_USERS\S-1-5-21-343818398-1659004503-839522115-1004\Software\Microsoft\Internet Explorer\Approved Extensions\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{95BEF0B1-9D3A-41F3-BB8B-8275AAA48C66} deleted successfully

==== Running Processes ======================

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Microsoft\BingBar\7.1.362.0\BBSvc.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\EPSON\MyEpson Portal\mepService.exe
C:\Program Files\PDF Architect\HelperService.exe
C:\Program Files\PDF Architect\ConversionService.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\EPSON\MyEpson Portal\mep.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\alfaomega\Plocha\zoek.exe
C:\Program Files\Microsoft\BingBar\7.1.362.0\SeaPort.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\Documents and Settings\alfaomega\.android deleted
C:\Program Files\ComPlus Applications deleted
C:\Program Files\Empire Interactive deleted
C:\Program Files\Common Files\DVDVideoSoft\bin deleted
C:\Program Files\Savevid deleted
C:\FlvtoYoutubeDownloader.exe deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\InstallMate deleted
C:\Documents and Settings\alfaomega\Plocha\Live PC Help.lnk deleted
"C:\DOCUME~1\ALLUSE~1\DATAAP~1\4d56548d1c9051c8\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140617214012" deleted
"C:\DOCUME~1\ALLUSE~1\DATAAP~1\4d56548d1c9051c8\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9}.20140617213847" deleted
"C:\DOCUME~1\ALLUSE~1\DATAAP~1\4d56548d1c9051c8\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9}.20140617213937" deleted
"C:\DOCUME~1\ALLUSE~1\DATAAP~1\4d56548d1c9051c8" deleted

======== System Restore Points ========

RP110: 10. 8. 2014 15:01:51 - Kontrolní bod systému
RP111: 12. 8. 2014 14:54:48 - Kontrolní bod systému
RP112: 13. 8. 2014 11:52:04 - Software Distribution Service 3.0
RP113: 14. 8. 2014 18:41:54 - Kontrolní bod systému
RP114: 16. 8. 2014 13:52:34 - Kontrolní bod systému
RP115: 17. 8. 2014 14:30:40 - Kontrolní bod systému
RP116: 19. 8. 2014 12:41:59 - Kontrolní bod systému
RP117: 20. 8. 2014 13:16:54 - Kontrolní bod systému
RP118: 21. 8. 2014 15:45:19 - Kontrolní bod systému
RP119: 22. 8. 2014 18:04:39 - Kontrolní bod systému
RP120: 24. 8. 2014 20:12:41 - Kontrolní bod systému
RP121: 25. 8. 2014 20:26:38 - Kontrolní bod systému
RP122: 27. 8. 2014 17:50:32 - Kontrolní bod systému
RP123: 31. 8. 2014 13:23:44 - Kontrolní bod systému
RP124: 1. 9. 2014 17:22:44 - Kontrolní bod systému
RP125: 3. 9. 2014 12:18:03 - Kontrolní bod systému
RP126: 4. 9. 2014 12:57:27 - Kontrolní bod systému
RP127: 6. 9. 2014 20:03:08 - Kontrolní bod systému
RP128: 8. 9. 2014 19:31:52 - Kontrolní bod systému
RP129: 10. 9. 2014 11:11:29 - Software Distribution Service 3.0
RP130: 11. 9. 2014 18:18:00 - Kontrolní bod systému
RP131: 12. 9. 2014 18:34:42 - Kontrolní bod systému
RP132: 13. 9. 2014 18:51:53 - Kontrolní bod systému
RP133: 14. 9. 2014 16:19:44 - Odstraněno Realtek High Definition Audio Driver
RP134: 15. 9. 2014 16:21:00 - Kontrolní bod systému
RP135: 17. 9. 2014 20:19:31 - Kontrolní bod systému
RP136: 21. 9. 2014 14:19:11 - Kontrolní bod systému
RP137: 24. 9. 2014 11:07:48 - Kontrolní bod systému
RP138: 25. 9. 2014 19:29:41 - Kontrolní bod systému
RP139: 27. 9. 2014 8:29:19 - Kontrolní bod systému
RP140: 28. 9. 2014 20:19:37 - Kontrolní bod systému
RP141: 30. 9. 2014 12:55:41 - Kontrolní bod systému
RP142: 1. 10. 2014 13:49:55 - Kontrolní bod systému
RP143: 4. 10. 2014 9:47:29 - Kontrolní bod systému
RP144: 4. 10. 2014 14:44:11 - Installed Windows Media Player 11
RP145: 4. 10. 2014 14:45:13 - Software Distribution Service 3.0
RP146: 4. 10. 2014 15:00:07 - Software Distribution Service 3.0
RP147: 5. 10. 2014 11:49:17 - Software Distribution Service 3.0
RP148: 7. 10. 2014 13:24:07 - Kontrolní bod systému
RP149: 8. 10. 2014 15:34:16 - Kontrolní bod systému
RP150: 9. 10. 2014 17:59:52 - Kontrolní bod systému
RP151: 11. 10. 2014 8:43:38 - Instalováno Realtek High Definition Audio Driver
RP152: 14. 10. 2014 15:49:34 - Kontrolní bod systému
RP153: 16. 10. 2014 7:00:45 - Software Distribution Service 3.0
RP154: 17. 10. 2014 21:18:39 - Kontrolní bod systému
RP155: 19. 10. 2014 0:04:45 - Kontrolní bod systému
RP156: 20. 10. 2014 13:24:13 - Kontrolní bod systému
RP157: 21. 10. 2014 13:43:57 - Kontrolní bod systému
RP158: 24. 10. 2014 8:37:36 - Kontrolní bod systému
RP159: 25. 10. 2014 12:38:56 - Kontrolní bod systému
RP160: 27. 10. 2014 16:05:11 - Kontrolní bod systému
RP161: 31. 10. 2014 12:28:26 - Kontrolní bod systému
RP162: 3. 11. 2014 17:54:32 - Kontrolní bod systému
RP163: 7. 11. 2014 14:05:37 - Kontrolní bod systému
RP164: 7. 11. 2014 20:24:50 - zoek.exe restore point

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [19. 06. 2014 13:44]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[01. 08. 2014 10:17]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\FFPDFArchitectConverter@pdfarchitect.com deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully

==== HijackThis Entries ======================

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.362.0\BingExt.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON L800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIG5P.EXE /FU "C:\WINDOWS\TEMP\E_S3BA.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Zoner Photo Studio Service 16] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Default user')
O4 - Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MyEpson Portal Service - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\MyEpson Portal\mepService.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files\PDF Architect\ConversionService.exe

==== Empty IE Cache ======================

C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\alfaomega\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=39 folders=11 3071827514 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\ALFAOM~1\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\alfaomega\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on pi 07. 11. 2014 at 20:41:48,25 ======================

#6 Příspěvek od **cernohous13** » 08 lis 2014 05:30

Stáhni a nainstaluj MBAM zde http://www.bleepingcomputer.com/downloa ... re/dl/241/ verzi 1.75
Při instalaci ti jako první nabídne instalaci nové verze - dáš Storno - bude aktualizována jen databáze
Po instalaci Spustit -> na 1.záložce "Kontrolor" -> Úplná kontrola -> Prohledat
po dokončení scanu vyskočí okno Notepad s výsledkem - obsah zkopíruj do své odpovědi
zatím nic nemazat - počkej na posouzení a program nezavírej

Iva212 · #7 Příspěvek od **Iva212** » 08 lis 2014 15:13

Malwarebytes Anti-Malware (Skúšobná verzia) 1.75.0.1300
www.malwarebytes.org

Verzia databázy: v2014.11.08.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
alfaomega :: IVO [administrátor]

Ochrana: Zapnuté

8. 11. 2014 14:26:25
MBAM-log-2014-11-08 (15-13-02).txt

Typ kontroly: Úplná kontrola (C:\|D:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 391867
Uplynutý čas: 43 min, 41 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82249076-D5C8-431D-982B-023779779587} (PUP.Optional.PlurPush.A) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82249076-D5C8-431D-982B-023779779587} (PUP.Optional.PlurPush.A) -> Žiadna úloha nevykonaná.
HKCU\Software\savevidmoviestoolbarha (PUP.Optional.MoviesToolBar.A) -> Žiadna úloha nevykonaná.

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 1
C:\Documents and Settings\alfaomega\Data aplikací\savevidmoviestoolbarha (PUP.Optional.MoviesToolBar.A) -> Žiadna úloha nevykonaná.

Detegované súbory: 107
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF14.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF10.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF11.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF12.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF13.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF15.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF16.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF17.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF18.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF19.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF2.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF20.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF21.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF22.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF23.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF24.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF25.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF26.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF27.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF28.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF29.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF30.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF4.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF5.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF6.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF7.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF8.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF9.dll.vir (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Program Files\Linkey\Helper.dll.vir (PUP.Optional.AztecMedia.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Program Files\Linkey\LinkeyDeals.exe.vir (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Program Files\Linkey\Uninstall.exe.vir (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Program Files\Linkey\IEExtension\iedll.dll.vir (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Program Files\Linkey\IEExtension\iedll64.dll.vir (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\Helper.dll.vir (PUP.Optional.AztecMedia.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\Internet Explorer Settings.exe.vir (PUP.Optional.AztecMedia.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\syskldr.dll.vir (PUP.Optional.AztecMedia.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\syskldr_u.dll.vir (PUP.Optional.AztecMedia.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\systemk.dll.vir (PUP.Optional.SystemK.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\systemkbho.dll.vir (PUP.Optional.SystemK.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\systemkmgrc1.cfg.vir (PUP.Optional.SystemK.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\SystemkService.exe.vir (PUP.Optional.SystemK.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\systemku.exe.vir (PUP.Optional.SystemK.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\tbicon.exe.vir (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\Uninstall.exe.vir (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\alfaomega\Dokumenty\Preberanie\SoftonicDownloader_for_grand-theft-auto-san-andreas.exe (PUP.Optional.Softonic) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\alfaomega\Dokumenty\Preberanie\SoftonicDownloader_for_unity-web-player.exe (PUP.Optional.Softonic) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055608.dll (PUP.Optional.SystemK.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055626.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055644.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055559.exe (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055561.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055562.exe (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055563.exe (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055564.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055567.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055570.cfg (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055578.exe (PUP.Optional.Sambreel.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055580.exe (PUP.Optional.PlurPush.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055595.dll (PUP.Optional.AztecMedia.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055596.exe (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055599.exe (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055600.dll (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055601.dll (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055603.dll (PUP.Optional.AztecMedia.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055604.exe (PUP.Optional.AztecMedia.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055605.dll (PUP.Optional.AztecMedia.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055606.dll (PUP.Optional.AztecMedia.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055607.dll (PUP.Optional.SystemK.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055610.cfg (PUP.Optional.SystemK.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055611.exe (PUP.Optional.SystemK.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055612.exe (PUP.Optional.SystemK.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055613.exe (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055614.exe (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055617.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055618.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055619.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055620.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055621.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055622.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055623.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055624.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055625.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055627.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055628.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055629.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055630.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055631.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055632.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055633.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055634.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055635.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055636.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055637.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055638.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055639.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055640.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055641.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055642.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055643.dll (PUP.Optional.Bandoo.A) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\alfaomega\Data aplikací\savevidmoviestoolbarha\apnuserid.dat (PUP.Optional.MoviesToolBar.A) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\alfaomega\Data aplikací\savevidmoviestoolbarha\appid.dat (PUP.Optional.MoviesToolBar.A) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\alfaomega\Data aplikací\savevidmoviestoolbarha\dtx.ini (PUP.Optional.MoviesToolBar.A) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\alfaomega\Data aplikací\savevidmoviestoolbarha\geodata.xml (PUP.Optional.MoviesToolBar.A) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\alfaomega\Data aplikací\savevidmoviestoolbarha\guid.dat (PUP.Optional.MoviesToolBar.A) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\alfaomega\Data aplikací\savevidmoviestoolbarha\preferences.dat (PUP.Optional.MoviesToolBar.A) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\alfaomega\Data aplikací\savevidmoviestoolbarha\sysid.dat (PUP.Optional.MoviesToolBar.A) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\alfaomega\Data aplikací\savevidmoviestoolbarha\trackid.dat (PUP.Optional.MoviesToolBar.A) -> Žiadna úloha nevykonaná.

(koniec)

#8 Příspěvek od **cernohous13** » 08 lis 2014 15:41

MBAM - po ukončení kontroly -> Zobrazit výsledky -> zkontrolovat zda je vše označeno -> Odstranit označené
vyběhne log, ve kterém budou záznamy tohoto typu:
Nalezené soubory
C:\Program Files\xxxxxx -> Přesun do karantény a smazání se zdařilo/Pridanie do karantény a zmazanie úspešné.
ten bych rád viděl

pak odinstaluješ http://www.malwarebytes.org/mbam-clean.exe
a po restartu dáš nový RSIT

Iva212 · #9 Příspěvek od **Iva212** » 08 lis 2014 15:53

Malwarebytes Anti-Malware (Skúšobná verzia) 1.75.0.1300
www.malwarebytes.org

Verzia databázy: v2014.11.08.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
alfaomega :: IVO [administrátor]

Ochrana: Zapnuté

8. 11. 2014 14:26:25
mbam-log-2014-11-08 (14-26-25).txt

Typ kontroly: Úplná kontrola (C:\|D:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 391867
Uplynutý čas: 43 min, 41 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82249076-D5C8-431D-982B-023779779587} (PUP.Optional.PlurPush.A) -> Pridanie do karantény a zmazanie úspešné.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82249076-D5C8-431D-982B-023779779587} (PUP.Optional.PlurPush.A) -> Pridanie do karantény a zmazanie úspešné.
HKCU\Software\savevidmoviestoolbarha (PUP.Optional.MoviesToolBar.A) -> Pridanie do karantény a zmazanie úspešné.

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 1
C:\Documents and Settings\alfaomega\Data aplikací\savevidmoviestoolbarha (PUP.Optional.MoviesToolBar.A) -> Pridanie do karantény a zmazanie úspešné.

Detegované súbory: 107
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF14.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF10.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF11.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF12.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF13.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF15.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF16.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF17.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF18.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF19.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF2.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF20.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF21.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF22.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF23.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF24.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF25.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF26.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF27.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF28.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF29.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF30.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF4.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF5.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF6.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF7.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF8.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Documents and Settings\alfaomega\Data aplikací\FirefoxToolbar\Movies Toolbar\Datamngr\components\DatamngrHlpFF9.dll.vir (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Program Files\Linkey\Helper.dll.vir (PUP.Optional.AztecMedia.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Program Files\Linkey\LinkeyDeals.exe.vir (PUP.Optional.Linkey.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Program Files\Linkey\Uninstall.exe.vir (PUP.Optional.Linkey.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Program Files\Linkey\IEExtension\iedll.dll.vir (PUP.Optional.Linkey.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Program Files\Linkey\IEExtension\iedll64.dll.vir (PUP.Optional.Linkey.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\Helper.dll.vir (PUP.Optional.AztecMedia.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\Internet Explorer Settings.exe.vir (PUP.Optional.AztecMedia.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\syskldr.dll.vir (PUP.Optional.AztecMedia.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\syskldr_u.dll.vir (PUP.Optional.AztecMedia.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\systemk.dll.vir (PUP.Optional.SystemK.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\systemkbho.dll.vir (PUP.Optional.SystemK.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\systemkmgrc1.cfg.vir (PUP.Optional.SystemK.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\SystemkService.exe.vir (PUP.Optional.SystemK.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\systemku.exe.vir (PUP.Optional.SystemK.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\tbicon.exe.vir (PUP.Optional.Linkey.A) -> Pridanie do karantény a zmazanie úspešné.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk\Uninstall.exe.vir (PUP.Optional.Linkey.A) -> Pridanie do karantény a zmazanie úspešné.
C:\Documents and Settings\alfaomega\Dokumenty\Preberanie\SoftonicDownloader_for_grand-theft-auto-san-andreas.exe (PUP.Optional.Softonic) -> Pridanie do karantény a zmazanie úspešné.
C:\Documents and Settings\alfaomega\Dokumenty\Preberanie\SoftonicDownloader_for_unity-web-player.exe (PUP.Optional.Softonic) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055608.dll (PUP.Optional.SystemK.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055626.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055644.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055559.exe (PUP.Optional.Linkey.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055561.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055562.exe (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055563.exe (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055564.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055567.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055570.cfg (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055578.exe (PUP.Optional.Sambreel.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055580.exe (PUP.Optional.PlurPush.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055595.dll (PUP.Optional.AztecMedia.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055596.exe (PUP.Optional.Linkey.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055599.exe (PUP.Optional.Linkey.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055600.dll (PUP.Optional.Linkey.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055601.dll (PUP.Optional.Linkey.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055603.dll (PUP.Optional.AztecMedia.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055604.exe (PUP.Optional.AztecMedia.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055605.dll (PUP.Optional.AztecMedia.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055606.dll (PUP.Optional.AztecMedia.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055607.dll (PUP.Optional.SystemK.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055610.cfg (PUP.Optional.SystemK.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055611.exe (PUP.Optional.SystemK.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055612.exe (PUP.Optional.SystemK.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055613.exe (PUP.Optional.Linkey.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055614.exe (PUP.Optional.Linkey.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055617.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055618.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055619.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055620.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055621.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055622.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055623.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055624.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055625.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055627.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055628.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055629.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055630.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055631.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055632.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055633.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055634.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055635.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055636.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055637.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055638.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055639.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055640.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055641.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055642.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\System Volume Information\_restore{BB73B554-0CA1-4054-B2AC-52C07F16E818}\RP163\A0055643.dll (PUP.Optional.Bandoo.A) -> Pridanie do karantény a zmazanie úspešné.
C:\Documents and Settings\alfaomega\Data aplikací\savevidmoviestoolbarha\apnuserid.dat (PUP.Optional.MoviesToolBar.A) -> Pridanie do karantény a zmazanie úspešné.
C:\Documents and Settings\alfaomega\Data aplikací\savevidmoviestoolbarha\appid.dat (PUP.Optional.MoviesToolBar.A) -> Pridanie do karantény a zmazanie úspešné.
C:\Documents and Settings\alfaomega\Data aplikací\savevidmoviestoolbarha\dtx.ini (PUP.Optional.MoviesToolBar.A) -> Pridanie do karantény a zmazanie úspešné.
C:\Documents and Settings\alfaomega\Data aplikací\savevidmoviestoolbarha\geodata.xml (PUP.Optional.MoviesToolBar.A) -> Pridanie do karantény a zmazanie úspešné.
C:\Documents and Settings\alfaomega\Data aplikací\savevidmoviestoolbarha\guid.dat (PUP.Optional.MoviesToolBar.A) -> Pridanie do karantény a zmazanie úspešné.
C:\Documents and Settings\alfaomega\Data aplikací\savevidmoviestoolbarha\preferences.dat (PUP.Optional.MoviesToolBar.A) -> Pridanie do karantény a zmazanie úspešné.
C:\Documents and Settings\alfaomega\Data aplikací\savevidmoviestoolbarha\sysid.dat (PUP.Optional.MoviesToolBar.A) -> Pridanie do karantény a zmazanie úspešné.
C:\Documents and Settings\alfaomega\Data aplikací\savevidmoviestoolbarha\trackid.dat (PUP.Optional.MoviesToolBar.A) -> Pridanie do karantény a zmazanie úspešné.

(koniec)

Iva212 · #10 Příspěvek od **Iva212** » 08 lis 2014 16:02

Nový RSIT
nech sa páči

Logfile of random's system information tool 1.10 (written by random/random)
Run by alfaomega at 2014-11-08 16:02:08
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 123 GB (82%) free of 150 GB
Total RAM: 2037 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:02:15, on 8. 11. 2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft\BingBar\7.1.362.0\BBSvc.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\EPSON\MyEpson Portal\mepService.exe
C:\Program Files\PDF Architect\HelperService.exe
C:\Program Files\PDF Architect\ConversionService.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\EPSON\MyEpson Portal\mep.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\alfaomega\Dokumenty\Preberanie\RSIT.exe
C:\Program Files\trend micro\alfaomega.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.362.0\BingExt.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON L800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIG5P.EXE /FU "C:\WINDOWS\TEMP\E_S3BA.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Zoner Photo Studio Service 16] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Default user')
O4 - Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MyEpson Portal Service - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\MyEpson Portal\mepService.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files\PDF Architect\ConversionService.exe

--
End of file - 6853 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-1659004503-839522115-1004Core.job - C:\Documents and Settings\alfaomega\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-1659004503-839522115-1004UA.job - C:\Documents and Settings\alfaomega\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\alfaomega\Data aplikací\Mozilla\Firefox\Profiles\1pws94c3.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
npPDFXCviewNPPlugin.dll

C:\Documents and Settings\alfaomega\Data aplikací\Mozilla\Firefox\Profiles\1pws94c3.default\extensions\
{db615d8a-b766-4397-9ef1-0eeaf684d8da}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-01 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 319488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13 1307928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 319488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-12-18 150040]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-12-18 178712]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-12-18 150040]
"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-01 4085896]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2013-10-04 20145368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"EPSON L800 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIG5P.EXE [2010-12-07 208384]
"Zoner Photo Studio Service 16"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2013-12-13 831488]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2013-12-13 831488]

C:\Documents and Settings\alfaomega\Nabídka Start\Programy\Po spuštění
Orezávač obrazovky a spúšťač programu OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-12-12 217088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Empire Interactive\FlatOut2\flatout2.exe"="C:\Program Files\Empire Interactive\FlatOut2\flatout2.exe:*:Enabled:FlatOut2"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Empire Interactive\FlatOut2\flatout2.exe"="C:\Program Files\Empire Interactive\FlatOut2\flatout2.exe:*:Enabled:FlatOut2"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-11-08 14:12:57 ----D---- C:\Documents and Settings\alfaomega\Data aplikací\Malwarebytes
2014-11-08 14:12:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-11-07 20:44:49 ----SHD---- C:\RECYCLER
2014-11-07 20:40:32 ----A---- C:\WINDOWS\zoek-delete.exe
2014-11-07 20:40:31 ----D---- C:\WINDOWS\Temp
2014-11-07 20:24:01 ----D---- C:\zoek_backup
2014-11-07 20:17:58 ----A---- C:\WINDOWS\system32\sqlite3.dll
2014-11-07 20:16:40 ----D---- C:\AdwCleaner
2014-11-07 20:04:31 ----D---- C:\WINDOWS\ERUNT
2014-11-07 14:44:16 ----D---- C:\Program Files\Mozilla Firefox
2014-11-07 14:35:24 ----D---- C:\rsit
2014-11-07 14:35:24 ----D---- C:\Program Files\trend micro
2014-11-02 14:37:05 ----D---- C:\spoolerlogs
2014-10-11 08:42:46 ----A---- C:\WINDOWS\system32\hidserv.dll
2014-10-11 08:42:42 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2014-10-11 07:43:43 ----A---- C:\WINDOWS\vncutil.exe
2014-10-11 07:43:43 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2014-10-11 07:43:43 ----A---- C:\WINDOWS\RtlUpd.exe
2014-10-11 07:43:43 ----A---- C:\WINDOWS\RTLCPL.EXE
2014-10-11 07:43:42 ----A---- C:\WINDOWS\system32\RtkCoLDRXP.dll
2014-10-11 07:43:42 ----A---- C:\WINDOWS\system32\RtkCoInstIIXP.dll
2014-10-11 07:43:42 ----A---- C:\WINDOWS\system32\drivers\RtkHDAud.sys
2014-10-11 07:43:42 ----A---- C:\WINDOWS\RtkAudioService.exe
2014-10-11 07:43:40 ----A---- C:\WINDOWS\system32\drivers\RTAIODAT.DAT
2014-10-11 07:43:40 ----A---- C:\WINDOWS\system32\drivers\Monfilt.sys
2014-10-11 07:43:40 ----A---- C:\WINDOWS\RTHDCPL.EXE
2014-10-11 07:43:40 ----A---- C:\WINDOWS\MicCal.exe
2014-10-11 07:43:38 ----A---- C:\WINDOWS\system32\drivers\Ambfilt.sys
2014-10-11 07:43:38 ----A---- C:\WINDOWS\ALCWZRD.EXE
2014-10-11 07:43:38 ----A---- C:\WINDOWS\ALCMTR.EXE
2014-10-11 07:43:33 ----A---- C:\WINDOWS\RtlExUpd.dll

======List of files/folders modified in the last 1 month======

2014-11-08 16:00:36 ----D---- C:\WINDOWS\system32\ias
2014-11-08 16:00:30 ----D---- C:\WINDOWS\system32\CatRoot2
2014-11-08 15:59:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-11-08 15:58:30 ----D---- C:\WINDOWS\Prefetch
2014-11-08 15:58:28 ----D---- C:\Program Files
2014-11-08 15:58:27 ----D---- C:\WINDOWS\system32\drivers
2014-11-08 15:53:25 ----RD---- C:\WINDOWS\Offline Web Pages
2014-11-07 20:41:38 ----D---- C:\WINDOWS
2014-11-07 20:35:52 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2014-11-07 20:25:06 ----D---- C:\WINDOWS\system32\drivers\etc
2014-11-07 20:24:02 ----D---- C:\WINDOWS\system32
2014-11-07 16:05:59 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-11-07 14:29:04 ----D---- C:\WINDOWS\Debug
2014-11-02 13:53:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2014-10-26 08:46:15 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-16 06:05:06 ----D---- C:\WINDOWS\system32\MRT
2014-10-16 06:00:52 ----A---- C:\WINDOWS\system32\MRT.exe
2014-10-11 12:24:07 ----SD---- C:\Documents and Settings\alfaomega\Data aplikací\Microsoft
2014-10-11 08:42:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-10-11 08:42:29 ----HD---- C:\WINDOWS\inf
2014-10-11 07:43:57 ----D---- C:\WINDOWS\system32\RTCOM
2014-10-11 07:43:38 ----HD---- C:\Program Files\InstallShield Installation Information
2014-10-11 07:43:38 ----D---- C:\Program Files\Realtek

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-08-01 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-08-01 192352]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2014-08-01 55112]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-08-01 779536]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-08-01 414520]
R1 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2014-08-01 57800]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-08-01 24184]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-08-01 67824]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2006-03-02 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2006-03-02 55936]
R3 admjoy;Aureal Game Port Enumerator; C:\WINDOWS\system32\DRIVERS\admjoy.sys [2008-04-13 10880]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-12-12 6048768]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2013-12-10 5630168]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-06-05 142336]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 ASInsHelp;ASInsHelp; \??\C:\WINDOWS\system32\drivers\AsInsHelp32.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgandnetdiag.sys [2012-07-03 23040]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem.sys [2012-07-03 27776]
S3 cpuz134;cpuz134; \??\C:\Program Files\CPUID\PC Wizard 2010\pcwiz_x32.sys []
S3 cpuz136;cpuz136; \??\C:\Program Files\CPUID\PC Wizard 2013\pcwiz_x32.sys []
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver; \??\C:\WINDOWS\system32\drivers\massfilter_hs.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 zghsser;ZTE General Handset Serial Port; C:\WINDOWS\system32\DRIVERS\zghsser.sys [2012-10-31 116232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-01 50344]
R2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.1.362.0\BBSvc.exe [2012-02-13 193816]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MyEpson Portal Service;MyEpson Portal Service; C:\Program Files\EPSON\MyEpson Portal\mepService.exe [2012-07-26 703616]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2014-01-23 1335344]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2014-01-23 856112]
R2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 32768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.1.362.0\SeaPort.exe [2012-02-13 240408]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;Tiskový server TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2006-03-02 19456]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-07 114288]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SNMPTRAP;Zachytávání pro službu SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#11 Příspěvek od **cernohous13** » 08 lis 2014 16:17

Používáš obě tiskárny Canon+Epson ?

Jak to vypadá s vyskakovacími reklamami?

Iva212 · #12 Příspěvek od **Iva212** » 08 lis 2014 16:20

Takže švagor hovorí, že používajú iba Epson ...
reklamy už nevyskakujú ....

Iva212 · #13 Příspěvek od **Iva212** » 08 lis 2014 16:23

hmmm ale Canon tu majú scanner ... to môže byť to čo vidíš? či nie?
a ten scanner používajú

#14 Příspěvek od **cernohous13** » 08 lis 2014 16:31

Vysvětleno

Jestli už nejsou problémy tak můžeme uklízet

Stáhni TempFolderCleaner http://oldtimer.geekstogo.com/TFC.exe
Zavři všechny programy a spusť. Po ukončení akce bude PC restartován.
Pokud ne, restartuj sám.
(čistí Temp složky , nečistí URL, historii, prefetch ani cookies)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remote disinfection tools

Kliknete na Run

Mohu doporučit kontrolu a vyčištění Ccleanerem

Stáhni Ccleaner - http://www.filehippo.com/download_ccleaner
Při instalaci vyhodit fajfku u nabízených toolbarů
Můžeš nastavit potřebný jazyk
zavřít Internetový prohlížeč a
spustit "Čistič" > "Spustit Ccleaner" - odstraní nepotřebné
spustit "Registry" > "Hledej problémy" > "Opravit vybrané problémy"
souhlas se zálohou registrů - opakovat dokud nebudou registry čisté.
spustit "Nástroje" > "Start" - tady můžeš zkusit deaktivovat procesy, které při spuštění nepotřebuješ (pokud by ti potom něco nechodilo, stejným způsobem je povolíš)

Návod:http://jnp.zive.cz/Clanky/Prirucka-do-k ... fault.aspx

Ten si můžeš nechat i na budoucí občasné čištění.

a snad jsme hotovi

Iva212 · #15 Příspěvek od **Iva212** » 08 lis 2014 18:23

Hotovo, tak som všetko spravila tak ako si napísal.

Inak ccleaner tu mali nainštalovaný, len som ho aktualizovala. Iba dúfam, že tam nebude aj tá "seznam lištička" lebo teda som sa na to pozerala, ale myslím, že som nezachytila pri tej aktualizácii, že by mi to ponúkalo aj tú lištičku. Tak dúfam, že tu nie je. hmmm

A ešte sa chcem spýtať, mám nechať zapnutý ten ccleaner monitoring? Alebo ho mám zakázať. Vypadá to, že cleaner to spúšťa po štarte? To je asi nejaká nová funkcia, lebo doteraz som si nič také v cleanerovi nevšimla.

VIRY.CZ

Prosím o kontrolu

Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu