Keylogger?

[Meggie]

Tady je log, díky moc!

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default.migrated

User: Public

User: sweety
->Temp folder emptied: 21319950 bytes
->Temporary Internet Files folder emptied: 23122 bytes
->FireFox cache emptied: 674 bytes
->Google Chrome cache emptied: 306515208 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16138723 bytes
RecycleBin emptied: 2519473 bytes

Total Files Cleaned = 330,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default

User: Default User

User: Default.migrated

User: Public

User: sweety
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Error: Unable to stop service eamonm!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\eamonm deleted successfully.
Error: Unable to stop service ehdrv!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ehdrv deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\Windows\SysNative\drivers\eamonm.sys moved successfully.
C:\Windows\SysNative\drivers\ehdrv.sys moved successfully.
========== OTL ==========
Error: Unable to stop service eamonm!
Service\Driver key eamonm not found.
File C:\Windows\SysNative\drivers\eamonm.sys not found.
Error: Unable to stop service ehdrv!
Service\Driver key ehdrv not found.
File C:\Windows\SysNative\drivers\ehdrv.sys not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-1033858388-2215584304-1103054407-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1033858388-2215584304-1103054407-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Prefs.js: false removed from browser.search.isUS
Prefs.js: "this is my first firefox searchEngine" removed from browser.search.searchengine.desc
Prefs.js: "obw" removed from browser.search.searchengine.ptid
Prefs.js: "ST320LT020-9YG142_W0Q57LEXXXXXW0Q57LEX" removed from browser.search.searchengine.uid
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com deleted successfully.
File C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\ProgramData\ESET\ESET NOD32 Antivirus folder moved successfully.
C:\ProgramData\ESET folder moved successfully.
C:\Users\sweety\Documents\~WRL3373.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A82.tmp\Microsoft.Office.Tools.Common.v9.0.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A82.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4920.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP56BC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCF49.tmp\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCF49.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSICB21.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\25fb187813b8c2cbe82f0e9ffac7b4cd\$dpx$.tmp\job.xml deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\25fb187813b8c2cbe82f0e9ffac7b4cd\$dpx$.tmp folder deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 07142015_101821

Files\Folders moved on Reboot...
C:\Users\sweety\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\officeclicktorun.exe_c2ruidll(20150714100031654).log not found!
File\Folder C:\WINDOWS\temp\officeclicktorun.exe_streamserver(20150714100033654).log not found!
C:\WINDOWS\temp\PC-20150714-1000.log moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Márty84]

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remove disinfection tools
• Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak to s pc vypada.

[Meggie]

Dobrý, počítač šlape, reklamy zmizely a přestala vyskakovat i reklamní okna. Moc děkuji za pomoc, umím si představit, že s tím bordelem, co jsem měla v pc to bylo na dlouho

[Márty84]

To jsem rad, ze je to v poradku

Nemate zac, rado se stalo!

Nebylo to tak hrozne, videl jsem daleko zaliskanejsi pocitace Kazdopadne pravidelne zalohujte, vzhledem k tem chybam disku. No a kdyby neco, staci se ozvat

Mejte se krasne a treba zase nekdy