Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu děkuji
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu děkuji
Ten buddha.dll měl 7/56 pozitivních , tak jsem ho radši taky smazal.
Re: Prosím o kontrolu logu děkuji
Skener ani moje oko zadne dalsi viry nevidi, takze jeste uklidime.
- Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Oznacte jen moznost "Remove disinfection tools"
- kliknete na Run
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o kontrolu logu děkuji
Dobrý den, také prosím o kontrolu. Používám pravidelně CC Cleaner, přesto stále velké zpomalení. Díky.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-04-2015
Ran by T61 (administrator) on T61-IVA on 26-04-2015 13:20:32
Running from C:\Users\T61\Desktop
Loaded Profiles: T61 (Available profiles: T61)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\T61\Desktop\FRSTLauncher (1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [Wondershare Helper Compact] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1694208 2013-05-04] (Wondershare)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [mncsqyobSrv] => C:\Windows\system32\mncsqyob.vbe [7670 2014-03-05] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3667763670-2633500779-3748370723-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-3667763670-2633500779-3748370723-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3667763670-2633500779-3748370723-1000\...\Run: [] => [X]
HKU\S-1-5-21-3667763670-2633500779-3748370723-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1053056 2011-11-01] (Nokia)
HKU\S-1-5-21-3667763670-2633500779-3748370723-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-3667763670-2633500779-3748370723-1000\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3667763670-2633500779-3748370723-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30872160 2014-12-03] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-06-25]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-06-20]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3667763670-2633500779-3748370723-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP
SearchScopes: HKU\S-1-5-21-3667763670-2633500779-3748370723-1000 -> {CA24AA2B-C214-4AB3-B1EE-DEC567D6528E} URL = http://websearch.ask.com/redirect?clien ... C54D5A96A6
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default
FF DefaultSearchEngine: Bing
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.pu-result.info/?pid=708&r=2013/06/12&hid=938212851&lg=EN&cc=CZ&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: Bing
FF SelectedSearchEngine,S: WebSearch
FF Homepage: hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2013-12-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2013-12-01] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default\searchplugins\askcom.xml [2013-03-06]
FF SearchPlugin: C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default\searchplugins\bingp.xml [2014-08-03]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml [2012-11-29]
FF Extension: BestiSaveFOrYou - C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default\Extensions\ayauqhf5mbtz@a-eiat.co.uk [2014-02-22]
FF Extension: BloockkTheADApp - C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default\Extensions\a_6nzceeo@o-ovw.edu [2014-02-22]
FF Extension: DigiaCoupon - C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default\Extensions\gdvgvdpuuoa@wb-oauu.net [2014-08-04]
FF Extension: CCoupExtEnsion - C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default\Extensions\gqfsyn@uyekwxo.net [2014-02-22]
FF Extension: CheaPuMe - C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default\Extensions\k-y23b2@d-opaoai.edu [2014-08-04]
FF Extension: BestSSaveoFooRYou - C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default\Extensions\o06xvjyyouao@d-qos.com [2014-08-04]
FF Extension: Fuuon2Save - C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default\Extensions\xcwie-o@nyvmsgomlbtya.com [2014-08-04]
FF Extension: ShopaDroOp - C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default\Extensions\yogr0f@uuodpdw.com [2014-04-06]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-06-25]
FF HKLM\...\Thunderbird\Extensions: [te_7.0@nokia.com] - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2013-07-30]
FF HKU\S-1-5-21-3667763670-2633500779-3748370723-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-3667763670-2633500779-3748370723-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2014-10-08]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\T61\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (McAfee Security Scan+) - C:\Users\T61\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-06-20]
CHR Extension: (BloockkTheADApp) - C:\Users\T61\AppData\Local\Google\Chrome\User Data\Default\Extensions\denpiaffgiijcaokniikpmjdlpdejecj [2014-07-08]
CHR Extension: (Skype Click to Call) - C:\Users\T61\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-10-19]
CHR Extension: (Google Wallet) - C:\Users\T61\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-06]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-04-2015
Ran by T61 (administrator) on T61-IVA on 26-04-2015 13:20:32
Running from C:\Users\T61\Desktop
Loaded Profiles: T61 (Available profiles: T61)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\T61\Desktop\FRSTLauncher (1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [Wondershare Helper Compact] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1694208 2013-05-04] (Wondershare)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [mncsqyobSrv] => C:\Windows\system32\mncsqyob.vbe [7670 2014-03-05] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3667763670-2633500779-3748370723-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-3667763670-2633500779-3748370723-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3667763670-2633500779-3748370723-1000\...\Run: [] => [X]
HKU\S-1-5-21-3667763670-2633500779-3748370723-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1053056 2011-11-01] (Nokia)
HKU\S-1-5-21-3667763670-2633500779-3748370723-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-3667763670-2633500779-3748370723-1000\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3667763670-2633500779-3748370723-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30872160 2014-12-03] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-06-25]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-06-20]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3667763670-2633500779-3748370723-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP
SearchScopes: HKU\S-1-5-21-3667763670-2633500779-3748370723-1000 -> {CA24AA2B-C214-4AB3-B1EE-DEC567D6528E} URL = http://websearch.ask.com/redirect?clien ... C54D5A96A6
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default
FF DefaultSearchEngine: Bing
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.pu-result.info/?pid=708&r=2013/06/12&hid=938212851&lg=EN&cc=CZ&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: Bing
FF SelectedSearchEngine,S: WebSearch
FF Homepage: hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2013-12-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2013-12-01] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default\searchplugins\askcom.xml [2013-03-06]
FF SearchPlugin: C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default\searchplugins\bingp.xml [2014-08-03]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml [2012-11-29]
FF Extension: BestiSaveFOrYou - C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default\Extensions\ayauqhf5mbtz@a-eiat.co.uk [2014-02-22]
FF Extension: BloockkTheADApp - C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default\Extensions\a_6nzceeo@o-ovw.edu [2014-02-22]
FF Extension: DigiaCoupon - C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default\Extensions\gdvgvdpuuoa@wb-oauu.net [2014-08-04]
FF Extension: CCoupExtEnsion - C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default\Extensions\gqfsyn@uyekwxo.net [2014-02-22]
FF Extension: CheaPuMe - C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default\Extensions\k-y23b2@d-opaoai.edu [2014-08-04]
FF Extension: BestSSaveoFooRYou - C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default\Extensions\o06xvjyyouao@d-qos.com [2014-08-04]
FF Extension: Fuuon2Save - C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default\Extensions\xcwie-o@nyvmsgomlbtya.com [2014-08-04]
FF Extension: ShopaDroOp - C:\Users\T61\AppData\Roaming\Mozilla\Firefox\Profiles\tedsftja.default\Extensions\yogr0f@uuodpdw.com [2014-04-06]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-06-25]
FF HKLM\...\Thunderbird\Extensions: [te_7.0@nokia.com] - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2013-07-30]
FF HKU\S-1-5-21-3667763670-2633500779-3748370723-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-3667763670-2633500779-3748370723-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2014-10-08]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\T61\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (McAfee Security Scan+) - C:\Users\T61\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-06-20]
CHR Extension: (BloockkTheADApp) - C:\Users\T61\AppData\Local\Google\Chrome\User Data\Default\Extensions\denpiaffgiijcaokniikpmjdlpdejecj [2014-07-08]
CHR Extension: (Skype Click to Call) - C:\Users\T61\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-10-19]
CHR Extension: (Google Wallet) - C:\Users\T61\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-06]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
- Přílohy
-
- Addition.rar
- (5.21 KiB) Staženo 42 x
Re: Prosím o kontrolu logu děkuji
Hotovo, tak děkuji.
Přikládám log... Jestli bude k něčemu...
# DelFix v10.9 - Logfile created 26/04/2015 at 13:58:19
# Updated 27/02/2015 by Xplode
# Username : Sallec - DEKOR
# Operating System : Windows 8.1 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\zoek-results.log
Deleted : C:\Users\Sallec\Desktop\Addition.txt
Deleted : C:\Users\Sallec\Desktop\Fixlog.txt
Deleted : C:\Users\Sallec\Desktop\FRST.rar
Deleted : C:\Users\Sallec\Desktop\FRST.txt
Deleted : C:\Users\Sallec\Desktop\FRST64.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
########## - EOF - ##########
Přikládám log... Jestli bude k něčemu...
# DelFix v10.9 - Logfile created 26/04/2015 at 13:58:19
# Updated 27/02/2015 by Xplode
# Username : Sallec - DEKOR
# Operating System : Windows 8.1 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\zoek-results.log
Deleted : C:\Users\Sallec\Desktop\Addition.txt
Deleted : C:\Users\Sallec\Desktop\Fixlog.txt
Deleted : C:\Users\Sallec\Desktop\FRST.rar
Deleted : C:\Users\Sallec\Desktop\FRST.txt
Deleted : C:\Users\Sallec\Desktop\FRST64.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
########## - EOF - ##########
Re: Prosím o kontrolu logu děkuji
ddiva
Dobry den,
zalozte si prosim nove tema, at v tom neni zmatek
Zavirovano mate.
Slepyc
Nemate zac, rad jsem pomohl
Mejte se krasne a treba zase nekdy
Dobry den,
zalozte si prosim nove tema, at v tom neni zmatek
Zavirovano mate.Slepyc
Nemate zac, rad jsem pomohl
Mejte se krasne a treba zase nekdy
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Přispějete na provoz fóra?