Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Vytížení hdd na 100%

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Jan1233
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 04 zář 2015 17:43

Vytížení hdd na 100%

#1 Příspěvek od Jan1233 »

Dobrý den, pustil jsem se do čištění pc mých příbuzných. Pc je velmi zaneřáděné, Avast našel 124 virů :shock: . Bohužel nějaký vir tam zůstal a ten pravidelně vytíží hdd na 100% asi každých 10 minut. Ve správci úloh běží pokaždé něco jiného, ale většinou to je proces systém, který vytěžuje disk. Děkuji předem za odpověď :)
Vkládám log RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by oem at 2015-09-25 15:24:09
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 9 GB (2%) free of 477 GB
Total RAM: 2046 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:24:19, on 25.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\vsnpstd3.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Inbox Toolbar\Inbox.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Users\Heli\Downloads\uuukj.exe
C:\Program Files\trend micro\oem.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tsbohemia.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
R3 - URLSearchHook: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
R3 - URLSearchHook: OLE (Part 1 of 5) - - (no file)
R3 - URLSearchHook: (no name) - {4c60e5ab-5c68-4c59-abaa-885010b24b32} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65SrcAs.dll
R3 - URLSearchHook: (no name) - {6d010537-9e99-400b-b652-b0d5a5757e5d} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [snpstd3] C:\Windows\vsnpstd3.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [InboxToolbar] "C:\Program Files\Inbox Toolbar\Inbox.exe" /STARTUP
O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://love.intim.dn.ua
O15 - Trusted Zone: http://www.tiscali.cz
O15 - Trusted Zone: http://www.wspk.cz
O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GO36F4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 9788 bytes

======Scheduled tasks folder======

C:\Windows\tasks\8cb542dc-9f3c-40d3-b096-63930a1f0bdb-1.job - C:\Program Files\TornPlusTV_version1.11\TornPlusTV_version1.11-codedownloader.exe /rawdata=duWHLmd393HI5o+avz/nkY+zYVYjkSW1jUfRggh/tJsjOnHnhDdu+brTQo0I0nSSQ02rrHRsx/NUXnj1HRII7Ii3jbmoMH4mz1ctYQE5yWha6lY3tBngV276RvcpsLVJFOUs9OwvvzzXEfLb9/a3m7DYdr7N5SBfqX1eIyKs969mi5joJRTdgH99trS/v39LHoPyS6QSjjMViIvUIq60nPvYOWe/M+N9X5/5M9mrCVLeXu+h7Z3XQMijBJ6uR1jur9qshMO5hIC8iiZjeC8fv4iQwGfAC6iE5D1F/Q4STRNelVBVspa6LWvzgnlNCEJ5loNbY7hfjeuXDSmsr6aCOKtYV9/PvFC5jtMHQGJUkftzl95oovWCjfRDbIGM6qmXqj/OuBiAu8L7fiuKTNKHiMgdE7leWqE6lBhhT3zQpsH5JIQtNfmhX1DNKGWtoE5hFXvAPfdWATpwHG1+R0AjktaUSenfNOQ4kOS+qYpFI78ViR9H3bMQDJzHm6seMULrlW22j4Mm66R5db+FtjR9+o/S2RO092Q+VcxpPSLjwBqB3zzQzXo71ns+qX/M9JPm9+ZdzgpbvqXSFz9e+/NKygGS7ESjYHTNPpmLdO8CnuGtocy2j2R1MSXVSB0VScNCPYnRe9FOdZ7Lx23gHq5uvtDvFbm03vpjNczlYmTQUnSF44BexOqd6bgsNaQhxgWirgq6piIEVlNOh1SkmASYpZFGjwIq2uN1DrNZxeQ0CkNfXW126L6IohOawyXs+CiMHZXDlR7QRxU18H0BdWodotozVqwUnRY8W6MNtIVJAnqmQtHF0HNnK14nYpD86PLh+mvf1Ocfsy+W0NHlkl36MnV6urOqlWY4Zmun2hT8Lbjidoq8y5OM1P32lD6Cun7pi6m4uMmCovrecmc9NIv2Lf0IjFC2+6W7Sf84V9KxAws+v2NiUlsUA+It5bDSr59HQJH5Ipu6t1oqwSyw5ZMKudLUrnIyy50GGj8br13tesV7PC8gykH0iKSd0U/jH3BnKNptb9+55DXf1ecL81p4+zDBAIFgscHuJfXuQ9ed5P51PoGTxqs4GFkrVvP3rdOmWE5lejewXvR8IB9gJpxEJqHDqGE0XSgG8zTyMdP6yg3zmXo/rzIn/XXdBhGLK+NLXQruZr+ioJN1RBLEADEAeO30wXyxc4wXz/+CqMqx+IojfRqxes1tZU4z4yuxq0Opmxb2ok7Xj5Ri7CvfV5J/m356+yeIJvX65b30A5y45PfI14ul+oADArZ2ZQtaRdN0/Vey9IQIWhYZWeOl1yqapROXbWeRAeHEC5+SwFwbmuz7wi3AXJdAXrLoKm8XMg6gExSML81Mjkw4kMWZTphP4HbFiDcl52lMsiJTPLeD5r3OBrLog4lmQqxS/nEvDNTV9pTfEJs7zmqAvUva7+umQhF18bJ/ZYwgNgUnOB0uRVkNAPTsA2EHsDLH2EQpc5p6Ybi8I2GkSVjs62g1JmL8UjbWOrnV+epXwcsGfgNbqaNawHe8/DrUZdTi3k1O6PwU
C:\Windows\tasks\8cb542dc-9f3c-40d3-b096-63930a1f0bdb-4.job - C:\Program Files\TornPlusTV_version1.11\8cb542dc-9f3c-40d3-b096-63930a1f0bdb-4.exe /rawdata=fEyozBvK1mCVf6VYX+nTR7rdIPHO88ICvQBe4aTMNLSq1NbOh4qLfEcjNOuGlCAZVNAUoZMAIJ3/EcMPLvykW58R7X999Wpgt0mhnTZBQC9esIAP2jie88CzKpMvlDW6r5y3MSGDgiyf0FgZ/CT5uZKwTCt+jX6O45aDpHk+nFBilb9GI+RfwEAu/be4rdS6P4dgXcs78nhV9nNL5JnPYJHhHwe4HtCCfbFgAp5Jjzg4psCuH3e9Zfp7apijdX+icgi1TVyngnc51tg/Dm6r75B2pl5BY0twROFNtgwwti3J6iaCkjwhmJbf07k0sTtjXo0vUOVM6bIpNTZZn8pcCnhzakBJosxvThgbJ6DcjOEd+UJxHIQtQCu25MvGRkdRDVsBwkYhEMjQjsBWUf5rS4IJpjf61Ho6Lrh1XdtmKVdx+EJrkzlCRzyYOy4QEZntCqNfRTkWsMvyUcIVzHAAmwwWVMSkyzAGDD8StyzhHutv65cuoBYzu+ur8n+fsJqza4yhs+h5LpaiUD7CMAbCiYLdD2fkVj441Tg94Ax3jaFCKm/RnOm5FqovUToDRO7HA4X4y3MjqssFmdrg4Oy+OFQQNxwUAvZ+8p+L536sZIfblBaHnWsBnscO7CqXfUQj+LnpVrQgsSPIr/pgjomZNuYsNleQSAVx8bSkjqdfgppCtaaQv7Vy9o05Zca4kZfZ+l3SMFWGyJCCbMxlj+AukdLdQ1Mx9FnsuAt8ffarlObUNNqUNpzbfdtg8opZtyUrcvM+j4vxp5Q8zQt622vv3V4UjBbNRacxC1ozchSjTirmR0+XM64Xggi3NdHsTkxCHSVnVxdT6A4rpo+GK5mSEzuyTLtSJReRB7y+rUFxLeQ6Uf0fKQVK+ugi/dAo+CEwXE33iu/gDvX1P6HKzF2oQ9rg2pZjH9cUii8yhKk2MiMcjQ5FtFEpSUHpK4AgQsYWYbUxkX4/KIoWMagtVunu57HDMoy1s13N2xgnzR9N7c2IL8r5TzoUHDul4J0xdqAycrQmGBsrAkyW1Ej4HVm/Y+RfXUGW6f79LdskO68DWl1s8ihVxM7B1j2XmEsdUgItVEX5XHrOrgZQFHUdN057HIwpKAcn8T7RXNJpj8yXZcDldalD5C+rIsL/WJVIsPApS7ZWjfPG/MIL10J3XG5GCAGvUHl3T1qPXWHeDsShkGYdh81oL0MSevMxNe21jmpdBZv1qEgvFj8NLDVgvHPM0E/004J9w/+NhE+JbxY4bfieBwI2FdE7t7kUiYxikJrprAGXFCbnaxq55NgKfwPjVQU/mJjGbMlvCf32P/Q6VPJd15jZeexBzXsaKabBLHSb5Re0NxFi0F0ARuHCpTJT73EqTPf1gMaEJ8igIRR5xsMCW22T8GlLEdxyPWatnDVfWRFtmf5n3wAt7s4eM/LDfL+X7EDtP8ouxzoeJakzkU30t2tCZ1kn26LvkHjH410m91+glcD79UOlQ3tyXuVICjlUPaZMbabTzMG8xCJ4w/QY/ZupDCGvGO0uAMVOQXuQmSIBveXKjc/b6hK6Y5u7PcU6XIoETU+V8SWOIm4fbObmOb6QyggvNI33MoN+i0urUdWVgO9olGH4xaYqTcP6wndiynk97slYWrQ2N+fRWPSstLc+HUHIm20H2ro6oyWvmFeOg2bLDdVocIY/kpC668l+aAjD5NUh56mIIKn0DY4umU3Sr6EgDmpVlgVx8D8PoPVKsabOuumvYkDR9NVfs6mbnajRFQft9soegDIb8gQo+5gBqWxD8MoRzdDTnzOGCToKY2M0Ia0HjXZt3eOzeJlwgTmpWuq1hkypglVV6ade/zj7T7HT2/7BeIzag8LAbgn1IVBSx9M22H0nsJfqua9n/r+6K7v+GlBHpIqSmgitnN6ny12iLBhlILNIfv30gLM9AsSyosh6CGWCc1ZfvcD6/l0mpDrb5gyoAUvuQrXarddKN2QLnbLq8+foYxYKpwrU5cvwD7c52MgYBLKtB+nl4x+UFA14BaUFnd9by+yRNwyJ5mManlolWoJKiI2AvWVL1EKe135I/midmOLj0Byx82nXi05K/C6vmmwRnYDPYsgbTWaxiLl1Q7VswXgeHaAn7Z//ahRq2r1zYa3NcaT0Ww30xTKe1iLZ9sfm6mqDITV265EF6Rphp2L8gXuK70GyVuLz/GSwZWqod7pdt3mt7CfD1tDhK6vRWZYHlYg=
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2684258682-1194155784-308387527-1004Core.job - C:\Users\Karel\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2684258682-1194155784-308387527-1004UA.job - C:\Users\Karel\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\OKXJLUU.job - C:\Users\Karel\AppData\Roaming\OKXJLUU.exe /infocmdline=dWx1Cewk+Dpb5+9mxUK4UepPVJ8gp1EK+U2EdOSTSiHKFln77Rv5VvqRbv8BaD2zEEO3voptIFyglfzfahDqXdjQzbc1lO5p6fFh/e4Iw2Fqn3DCvZtNb6uTgBYz5eRKeC2NY4EYJ8lUfd14TGEHLpDDdIY91Eiz8hShPuVQRNq9G92ilOuFqr4E2WFnpy1juPrAZ25aKkD7fpm1nplIBp2xoJdDsCXvPjMGq0H1NB9qW9qmHUu+4H515dSRIE9dX5txkR+mqQg5Q8pZbtfDb81ht4y2dQ6tv2VCipYqbtZ2s6hQdxM3f7Nnt6x6mKwWBa1c/pfR4tgECKx/d7An7WnjuabeYGrTG0tWBzn5fWIL5X+oUJDCWkptP63HfF7vHGR8eNHj2AHuLIS+wKHIRFkNfzkJMWd7XiwASXz8yrDzDh2sOQj5COiHhcPtrEWTKJs2ZTsDl4oZr2bcU1m/w2lccIz3BY9qHtd/4zElqprYQb5DP7qFGChY3ZqLF6K9
C:\Windows\tasks\RegCure Pro_sch_F56727A2-C2E0-11E3-B71A-00241DCEA5BE.job - C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe /schedule:"F56727A2-C2E0-11E3-B71A-00241DCEA5BE"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2011-05-31 1219832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-11 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-21 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2014-09-23 1041816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-11 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D7E97865-918F-41E4-9CD0-25AB1C574CE8} - &Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2014-09-23 1041816]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2011-05-31 1219832]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Easy-PrintToolBox"=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
"NWEReboot"= []
"snpstd3"=C:\Windows\vsnpstd3.exe [2006-09-18 843776]
"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2011-08-06 126976]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"InboxToolbar"=C:\Program Files\Inbox Toolbar\Inbox.exe [2015-05-15 2458008]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1425208]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-01-20 6711840]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-01-20 1833504]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-03-20 1797064]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-04-30 334896]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-21 6134544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07 998104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp]
C:\Program Files\Garmin\Express Tray\ExpressTray.exe [2013-11-08 1095000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-23 30192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Quick Search Box]
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2011-08-06 126976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Karel\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-06 144200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-11-10 4240760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2010-02-02 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster]
C:\Program Files\Uniblue\RegistryBooster\launcher.exe delay 20000 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteRanker]
C:\Program Files\SiteRanker\SiteRankTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2014-12-11 30877280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-04-30 334896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-02-02 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2011-03-09 247728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnpstd3]
C:\Windows\tsnpstd3.exe [2007-03-30 262144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZyXEL USB Share Center]
C:\Program Files\ZyXEL\NetUSB Share Center\Share Center.exe -mini []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\311~1.163\SSSCHE~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Karel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Topface.lnk]
C:\PROGRA~1\TFTray\tftray.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~3\GO36F4~1.DLL"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-25 15:24:09 ----D---- C:\rsit
2015-09-25 15:24:09 ----D---- C:\Program Files\trend micro
2015-09-22 17:30:04 ----D---- C:\Users\oem\AppData\Roaming\Ahead
2015-09-22 16:15:01 ----A---- C:\Windows\system32\aswBoot.exe
2015-09-22 16:02:22 ----D---- C:\Users\oem\AppData\Roaming\OpenOffice
2015-09-22 15:11:42 ----D---- C:\Users\oem\AppData\Roaming\AVAST Software
2015-09-21 20:03:13 ----D---- C:\Windows\system32\vbox
2015-09-21 19:59:04 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-09-21 19:59:03 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-09-21 19:59:02 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-09-21 19:59:01 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-09-21 19:59:00 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-09-21 19:58:59 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-09-21 19:58:58 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-09-21 19:58:55 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-09-21 19:58:54 ----A---- C:\Windows\system32\drivers\ngvss.sys
2015-09-21 19:58:37 ----A---- C:\Windows\avastSS.scr
2015-09-21 19:56:18 ----D---- C:\Program Files\AVAST Software
2015-09-21 19:55:35 ----D---- C:\ProgramData\AVAST Software
2015-09-21 19:10:29 ----D---- C:\Windows\pss
2015-09-21 17:58:06 ----D---- C:\Users\oem\AppData\Roaming\JAM Software
2015-09-21 17:48:48 ----D---- C:\Users\oem\AppData\Roaming\OnlineMapFinder_9p
2015-09-17 09:11:46 ----D---- C:\462ef6ecce8e47aa31b35d4374dd64
2015-09-09 15:18:57 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 15:18:56 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 15:18:53 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 15:18:52 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 15:18:52 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 15:18:52 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 15:18:48 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 15:18:44 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 15:18:43 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 15:18:43 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 15:18:43 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 15:18:42 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 15:18:42 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 15:18:18 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 15:18:17 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 15:18:17 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 15:18:17 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 15:18:17 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 15:18:16 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 15:18:11 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 15:18:11 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 15:18:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 15:18:09 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-09-09 15:18:09 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 15:18:08 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 15:18:08 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 15:18:07 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 15:18:07 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 15:18:06 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 15:18:06 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 15:18:06 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 15:18:05 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 15:18:05 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 15:18:05 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 15:18:04 ----A---- C:\Windows\system32\smss.exe
2015-09-09 15:18:03 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 15:18:03 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 15:18:03 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 15:18:03 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 15:18:03 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 15:18:02 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 15:18:02 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 15:18:02 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 15:18:02 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 15:18:01 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 15:18:01 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 15:18:00 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 15:18:00 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 15:17:59 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 15:17:59 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 15:17:59 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 15:17:58 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 15:17:58 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 15:17:58 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 15:17:57 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 15:17:26 ----A---- C:\Windows\system32\dwmcore.dll
2015-09-09 15:17:26 ----A---- C:\Windows\system32\dwmapi.dll
2015-09-09 15:17:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 15:17:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 15:17:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 15:17:23 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 15:17:23 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 15:17:23 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 15:17:23 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 15:17:23 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 15:17:22 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 15:17:22 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 15:17:22 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 15:17:22 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 15:17:22 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 15:17:21 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 15:17:20 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 15:17:20 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 15:17:19 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 15:17:19 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 15:17:18 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 15:17:18 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 15:17:18 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 15:17:16 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 15:17:16 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 15:17:15 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 15:17:15 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 15:17:14 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 15:17:13 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 15:17:12 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 15:17:12 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 15:17:08 ----A---- C:\Windows\system32\consent.exe
2015-09-09 15:17:08 ----A---- C:\Windows\system32\authui.dll
2015-09-09 15:17:08 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 15:16:41 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 15:16:41 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 15:16:40 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 15:16:40 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 15:16:40 ----A---- C:\Windows\system32\wups.dll
2015-09-09 15:16:40 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 15:16:40 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 15:16:40 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 15:16:40 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 15:16:40 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 15:16:40 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-09-09 15:16:25 ----A---- C:\Windows\system32\tzres.dll

======List of files/folders modified in the last 1 month======

2015-09-25 15:24:19 ----D---- C:\Windows\Prefetch
2015-09-25 15:24:09 ----RD---- C:\Program Files
2015-09-25 14:57:46 ----D---- C:\Windows\tracing
2015-09-25 14:44:19 ----D---- C:\Windows\Temp
2015-09-25 14:43:55 ----SHD---- C:\Windows\Installer
2015-09-25 14:42:23 ----D---- C:\ProgramData\NVIDIA
2015-09-24 16:59:35 ----D---- C:\Windows\system32\config
2015-09-24 16:58:20 ----SHD---- C:\System Volume Information
2015-09-22 20:52:25 ----HD---- C:\Config.Msi
2015-09-22 20:50:09 ----D---- C:\Windows\system32\catroot
2015-09-22 19:13:28 ----D---- C:\Windows\System32
2015-09-22 19:13:23 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-09-22 17:37:28 ----D---- C:\Windows\system32\drivers
2015-09-22 17:34:08 ----D---- C:\Windows\system32\Tasks
2015-09-22 17:34:06 ----D---- C:\ProgramData\ParetoLogic
2015-09-22 17:34:06 ----D---- C:\Program Files\Common Files
2015-09-22 17:34:05 ----D---- C:\Windows\Tasks
2015-09-22 17:33:26 ----D---- C:\Program Files\Common Files\Nero
2015-09-22 17:33:03 ----D---- C:\ProgramData\Nero
2015-09-22 17:32:53 ----D---- C:\Program Files\Nero
2015-09-22 17:28:57 ----D---- C:\Program Files\Canon
2015-09-22 17:26:27 ----SD---- C:\ProgramData\Microsoft
2015-09-22 17:26:27 ----D---- C:\Program Files\Microsoft
2015-09-22 17:20:16 ----D---- C:\Program Files\Babylon
2015-09-22 17:19:42 ----D---- C:\Windows\system32\catroot2
2015-09-22 17:17:01 ----D---- C:\Windows\system32\DriverStore
2015-09-22 17:17:01 ----D---- C:\Windows\inf
2015-09-22 16:14:58 ----D---- C:\Windows
2015-09-21 22:12:11 ----D---- C:\Program Files\TornPlusTV_version1.11
2015-09-21 22:12:06 ----D---- C:\Program Files\1dc8655b-d275-4d5e-a7ed-08ee03f5e116
2015-09-21 22:12:05 ----D---- C:\ProgramData\ShopperPro
2015-09-21 22:12:04 ----D---- C:\Program Files\XTab
2015-09-21 22:12:04 ----D---- C:\Program Files\Common Files\ShopperPro
2015-09-21 22:12:03 ----D---- C:\Program Files\SupTab
2015-09-21 19:58:52 ----D---- C:\Windows\winsxs
2015-09-21 19:55:35 ----HD---- C:\ProgramData
2015-09-21 19:23:56 ----D---- C:\Windows\system32\drivers\etc
2015-09-21 18:13:20 ----SD---- C:\Windows\system32\GWX
2015-09-21 18:13:20 ----D---- C:\Windows\system32\wfp
2015-09-21 18:13:14 ----D---- C:\Windows\system32\wbem
2015-09-21 18:13:14 ----D---- C:\Windows\registration
2015-09-21 18:13:06 ----HD---- C:\ProgramData\CanonBJ
2015-09-21 18:12:51 ----D---- C:\Users\oem\AppData\Roaming\Skype
2015-09-10 08:05:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-10 07:56:21 ----D---- C:\Program Files\Windows Journal
2015-09-10 07:56:18 ----D---- C:\Windows\system32\en-US
2015-09-10 07:56:18 ----D---- C:\Windows\system32\cs-CZ
2015-09-10 07:56:10 ----D---- C:\Windows\PolicyDefinitions
2015-09-10 07:56:06 ----D---- C:\Program Files\Internet Explorer
2015-09-09 16:24:43 ----D---- C:\ProgramData\Microsoft Help
2015-09-09 16:23:58 ----D---- C:\Windows\Microsoft.NET
2015-09-09 16:17:18 ----D---- C:\Windows\system32\MRT
2015-09-09 16:14:05 ----RSD---- C:\Windows\assembly
2015-09-09 16:08:09 ----D---- C:\Windows\ehome
2015-08-26 18:36:06 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-21 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-21 208664]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-09-21 107984]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-21 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-09-21 789296]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-09-21 434184]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-21 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-21 76000]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-21 115640]
R2 cnmpar21;C; \??\C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon iP4200 Installer\Inst2\cnmpar21.sys [2002-02-01 15300]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 117760]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-09-21 220752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-01-20 2317536]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-11-13 58368]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
R3 SNPSTD3;USB PC Camera (SNPSTD3); C:\Windows\system32\DRIVERS\snpstd3.sys [2007-04-03 10246144]
S0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
S1 elrbafge;elrbafge; \??\C:\Windows\system32\drivers\elrbafge.sys []
S2 npf;npf; \??\C:\Windows\system32\drivers\npf.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2007-08-20 27672]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 grmnusb;grmnusb; C:\Windows\system32\drivers\grmnusb.sys [2012-04-18 15720]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys []
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2011-08-17 137472]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
S3 Ser2pl;MAT Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-21 146600]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-11-08 250712]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-02-04 670536]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-04 409800]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2011-03-09 92592]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-09-21 3219136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22 269000]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-23 30192]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 102912]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-03-30 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Vytížení hdd na 100%

#2 Příspěvek od vyosek »

Zdravim :)

:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Po spusteni probehne stazeni databaze
  • Kliknete na Scan a nasledne Clean
  • Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner[C?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Jan1233
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 04 zář 2015 17:43

Re: Vytížení hdd na 100%

#3 Příspěvek od Jan1233 »

Bohužel mi AdwCleaner spadl a proto musím poslat dva logy.
1.log:
# AdwCleaner v5.008 - Logfile created 25/09/2015 at 16:19:59
# Updated 18/09/2015 by Xplode
# Database : 2015-09-23.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : oem - KAREL-PC
# Running from : C:\Users\oem\Downloads\jan.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\vghd
[-] Folder Deleted : C:\Program Files\AskPartnerNetwork
[-] Folder Deleted : C:\Program Files\AskTBar
[-] Folder Deleted : C:\Program Files\Babylon
[-] Folder Deleted : C:\Program Files\Conduit
[-] Folder Deleted : C:\Program Files\Crawler
[-] Folder Deleted : C:\Program Files\globalUpdate
[-] Folder Deleted : C:\Program Files\ICQ6Toolbar
[-] Folder Deleted : C:\Program Files\Inbox Toolbar
[-] Folder Deleted : C:\Program Files\iWebar
[-] Folder Deleted : C:\Program Files\MyPC Backup
[-] Folder Deleted : C:\Program Files\RegClean Pro
[-] Folder Deleted : C:\Program Files\SupTab
[-] Folder Deleted : C:\Program Files\Uniblue
[-] Folder Deleted : C:\Program Files\vghd
[-] Folder Deleted : C:\Program Files\SensePlus
[-] Folder Deleted : C:\Program Files\XTab
[-] Folder Deleted : C:\Program Files\SourceApp
[-] Folder Deleted : C:\Program Files\digi docket
[-] Folder Deleted : C:\Program Files\PrriiceeLesas
[-] Folder Deleted : C:\Program Files\youtubeadblocker
[-] Folder Deleted : C:\Program Files\FromDocToPDF_65
[-] Folder Deleted : C:\Program Files\OnlineMapFinder_9p
[!] Folder Not Deleted : C:\Program Files\iWebar
[!] Folder Not Deleted : C:\Program Files\SensePlus
[-] Folder Deleted : C:\Program Files\Common Files\ShopperPro
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\AskPartnerNetwork
[-] Folder Deleted : C:\ProgramData\Conduit
[-] Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
[-] Folder Deleted : C:\ProgramData\IePluginServices
[-] Folder Deleted : C:\ProgramData\ParetoLogic
[-] Folder Deleted : C:\ProgramData\ShopperPro
[-] Folder Deleted : C:\ProgramData\WindowsMangerProtect
[-] Folder Deleted : C:\ProgramData\IHProtectUpDate
[-] Folder Deleted : C:\ProgramData\11143621787656506619
[-] Folder Deleted : C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[-] Folder Deleted : C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[-] Folder Deleted : C:\Users\Heli\AppData\Local\Babylon
[-] Folder Deleted : C:\Users\Heli\AppData\LocalLow\Inbox Toolbar
[-] Folder Deleted : C:\Users\Heli\AppData\LocalLow\SiteRanker
[-] Folder Deleted : C:\Users\Heli\AppData\Roaming\Babylon
[-] Folder Deleted : C:\Users\Heli\AppData\Roaming\OnlineMapFinder_9p
[-] Folder Deleted : C:\Users\Heli\AppData\Roaming\Mozilla\Firefox\Profiles\jepwl8fn.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[!] Folder Not Deleted : C:\Users\Heli\AppData\Roaming\Mozilla\Firefox\Profiles\jepwl8fn.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Folder Deleted : C:\Users\Heli\AppData\Roaming\Mozilla\Firefox\Profiles\jepwl8fn.default\Extensions\staged\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Folder Deleted : C:\Users\Karel 1\AppData\Local\iac
[-] Folder Deleted : C:\Users\Karel 1\AppData\Local\FromDocToPDF_65
[-] Folder Deleted : C:\Users\Karel 1\AppData\LocalLow\iac
[-] Folder Deleted : C:\Users\Karel 1\AppData\LocalLow\Inbox Toolbar
[-] Folder Deleted : C:\Users\Karel 1\AppData\LocalLow\SiteRanker
[-] Folder Deleted : C:\Users\Karel 1\AppData\LocalLow\FromDocToPDF_65
[-] Folder Deleted : C:\Users\Karel 1\AppData\Roaming\OnlineMapFinder_9p
[-] Folder Deleted : C:\Users\Karel 1\AppData\Roaming\Mozilla\Firefox\Profiles\pok8iz8b.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[!] Folder Not Deleted : C:\Users\Karel 1\AppData\Roaming\Mozilla\Firefox\Profiles\pok8iz8b.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Folder Deleted : C:\Users\Karel\AppData\Local\Conduit
[-] Folder Deleted : C:\Users\Karel\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Karel\AppData\Local\iac
[-] Folder Deleted : C:\Users\Karel\AppData\Local\PackageAware
[-] Folder Deleted : C:\Users\Karel\AppData\Local\FromDocToPDF_65
[-] Folder Deleted : C:\Users\Karel\AppData\Local\OnlineMapFinder_9p
[-] Folder Deleted : C:\Users\Karel\AppData\LocalLow\Conduit
[-] Folder Deleted : C:\Users\Karel\AppData\LocalLow\iac
[-] Folder Deleted : C:\Users\Karel\AppData\LocalLow\Inbox Toolbar
[-] Folder Deleted : C:\Users\Karel\AppData\LocalLow\PriceGong
[-] Folder Deleted : C:\Users\Karel\AppData\LocalLow\SiteRanker
[-] Folder Deleted : C:\Users\Karel\AppData\LocalLow\FromDocToPDF_65
[-] Folder Deleted : C:\Users\Karel\AppData\LocalLow\OnlineMapFinder_9p
[-] Folder Deleted : C:\Users\Karel\AppData\Roaming\DriverCure
[-] Folder Deleted : C:\Users\Karel\AppData\Roaming\ParetoLogic
[-] Folder Deleted : C:\Users\Karel\AppData\Roaming\SearchProtect
[-] Folder Deleted : C:\Users\Karel\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\Karel\AppData\Roaming\TornTV.com
[-] Folder Deleted : C:\Users\Karel\AppData\Roaming\vghd
[-] Folder Deleted : C:\Users\Karel\AppData\Roaming\mystartsearch
[-] Folder Deleted : C:\Users\Karel\AppData\Roaming\DriverFinder
[-] Folder Deleted : C:\Users\Karel\AppData\Roaming\genieo
[-] Folder Deleted : C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
[-] Folder Deleted : C:\Users\oem\AppData\LocalLow\Inbox Toolbar
[-] Folder Deleted : C:\Users\oem\AppData\Roaming\OnlineMapFinder_9p
[-] Folder Deleted : C:\Users\Public\Documents\Goobzo
[-] Folder Deleted : C:\Users\Public\Documents\ShopperPro
[-] Folder Deleted : C:\Users\Public\Documents\YTAHelper

***** [ Files ] *****

[-] File Deleted : C:\END
[-] File Deleted : C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage
[-] File Deleted : C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage-journal

***** [ Shortcuts ] *****

2.log:
# AdwCleaner v5.008 - Logfile created 25/09/2015 at 16:24:16
# Updated 18/09/2015 by Xplode
# Database : 2015-09-23.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : oem - KAREL-PC
# Running from : C:\Users\oem\Downloads\jan.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : 8cb542dc-9f3c-40d3-b096-63930a1f0bdb-1
[-] Task Deleted : 8cb542dc-9f3c-40d3-b096-63930a1f0bdb-4
[-] Task Deleted : 8cb542dc-9f3c-40d3-b096-63930a1f0bdb-1

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
[-] Key Deleted : HKLM\SOFTWARE\Classes\ctbcommon.Buttons
[-] Key Deleted : HKLM\SOFTWARE\Classes\ctbr.R404Pro
[-] Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Client
[-] Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Script
[-] Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Server
[-] Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.DynamicBarButton
[-] Key Deleted : HKLM\SOFTWARE\Classes\inbox.appserver
[-] Key Deleted : HKLM\SOFTWARE\Classes\inbox.ibx404
[-] Key Deleted : HKLM\SOFTWARE\Classes\Inbox.JSServer
[-] Key Deleted : HKLM\SOFTWARE\Classes\Inbox.Toolbar
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\Inbox.WS.com IE Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\inbox
[-] Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\tbr
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [InboxToolbar]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4D25FB7A-8902-4291-960E-9ADA051CFBBF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{72D05120-DF65-4C27-921E-899B5267FEF2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8AD40E5E-9FD9-4F5E-B4D1-DDF2C921DCE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9CB65201-89C4-402C-BA80-02D8C59F9B1D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A0CF6CB9-2276-4F30-B841-05A67067ACE0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE063DB1-4EC0-403E-8DD8-394C54984B2C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE063DB9-4EC0-403E-8DD8-394C54984B2C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D97143C2-4282-496B-BDC4-7EC852F1497C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1747AE4D-0A83-4336-84D4-48500BF1554F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{542EAC56-BF4B-46A7-943E-0A4C2CBA34EA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A85ACA7E-5CD2-461B-877A-994CCCCF491C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BF6FDBB8-7CD5-402D-AB4F-E4F13D3490C8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E3CDDB72-3ADC-4920-B42B-68A8C29FA942}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1747AE4D-0A83-4336-84D4-48500BF1554F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1B1C4B0D-2A22-4429-B8F2-47B24708A1C8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{251A849E-0172-4BE9-8DEC-34B5EB12D3B3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2C9D27D8-C81E-4968-8026-E725E01650C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{301DE3C5-8B01-4327-B60F-881B95C42C64}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3BB1BA04-1B88-4690-9AD3-0D38412F5FF1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3EFEC319-72E8-42AA-AC38-8CF8A0661CDD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D8AEB1D-4ED4-44AC-A039-4775B2575DB0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{51E030F1-EE07-403B-9F1C-7F69C918CC6C}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{542EAC56-BF4B-46A7-943E-0A4C2CBA34EA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6191571E-F7EE-47C3-B229-2DFAC70DB5D2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6F9AD55C-1BCE-4A69-939D-1A94CD5E1DB8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74C02D12-FAEE-4834-80D2-5B7D2480AD61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{840AE8AE-D547-433E-985C-6BF6C74F5084}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8C20B4AB-55D8-4752-A30E-D2E59F21BD4C}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A85ACA7E-5CD2-461B-877A-994CCCCF491C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B85586B4-C048-4D01-AF9B-E90C0155C75A}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BF6FDBB8-7CD5-402D-AB4F-E4F13D3490C8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E3C8490C-7C39-485C-92D0-D4EABDEFBF66}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E3CDDB72-3ADC-4920-B42B-68A8C29FA942}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E496510F-5578-4D99-A2AF-CF5CC818CB9E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E65B6C42-3B93-4279-8117-10172692FE83}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CB65201-89C4-402C-BA80-02D8C59F9B1D}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CB65206-89C4-402C-BA80-02D8C59F9B1D}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063DB1-4EC0-403E-8DD8-394C54984B2C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063DB9-4EC0-403E-8DD8-394C54984B2C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CB65201-89C4-402C-BA80-02D8C59F9B1D}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CB65206-89C4-402C-BA80-02D8C59F9B1D}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063DB1-4EC0-403E-8DD8-394C54984B2C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063DB9-4EC0-403E-8DD8-394C54984B2C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8AD40E5E-9FD9-4F5E-B4D1-DDF2C921DCE3}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E1C4699E-5E74-4F30-A4A2-378E45D44F07}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FC2B119B-2352-4E7A-9197-B9E1BBADE61B}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7459F1D0-9FB6-4D71-AA7B-9DECB34EB704}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D97143C2-4282-496B-BDC4-7EC852F1497C}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF1B8D2-9A06-4174-A8B5-E38606DDB92B}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FE063DB9-4EC0-403E-8DD8-394C54984B2C}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{9CB65206-89C4-402C-BA80-02D8C59F9B1D}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
[-] Key Deleted : HKCU\Software\CToolbar
[-] Key Deleted : HKCU\Software\ParetoLogic
[-] Key Deleted : HKLM\SOFTWARE\AskTBar
[-] Key Deleted : HKLM\SOFTWARE\CToolbar
[-] Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Key Deleted : HKLM\SOFTWARE\Inbox Toolbar
[-] Key Deleted : HKLM\SOFTWARE\ParetoLogic
[-] Key Deleted : HKLM\SOFTWARE\Uniblue
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL
[!] Data Not Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[!] Data Not Restored : HKU\S-1-5-21-2684258682-1194155784-308387527-1000\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}
[!] Key Not Deleted : HKU\S-1-5-21-2684258682-1194155784-308387527-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
[!] Key Not Deleted : HKU\S-1-5-21-2684258682-1194155784-308387527-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[!] Key Not Deleted : HKU\S-1-5-21-2684258682-1194155784-308387527-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[!] Key Not Deleted : HKU\S-1-5-21-2684258682-1194155784-308387527-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}

***** [ Web browsers ] *****

[-] [C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : icq
[-] [C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search.conduit.com
[-] [C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : omiga-plus
[-] [C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : mystartsearch.com
[-] [C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : mystartsearch
[-] [C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.mystartsearch.com/?type=hp&ts=14229 ... 1452714527

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [15313 bytes] ##########
Nahoru
Jan1233
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 04 zář 2015 17:43

Re: Vytížení hdd na 100%

#4 Příspěvek od Jan1233 »

Všiml jsem si že mi ve správci úloh běží dva procesy csrss jeden z PID 444 a ten druhý ho má pokaždé jiné teď aktuálně 3420. stejně tak dva procesy eplorer a hpwuSchd2.exe a spousta dalších.
:?: zatím problé přetrvává každopádně děkuju za reakci :)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Vytížení hdd na 100%

#5 Příspěvek od vyosek »

:arrow: Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
:arrow: Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
  • Pokud mate Win XP spustte pod uctem Spravce\Administratora
  • Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
  • Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
  • Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
  • Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
  • Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
  • Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
  • Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Jan1233
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 04 zář 2015 17:43

Re: Vytížení hdd na 100%

#6 Příspěvek od Jan1233 »

Combofix jsem spustil přesné podle pokynů, a zatím běží hodinu a nedokončil ani jednu fázy a kotrolka disku jen občas problikne a kurzor se nehýbe. Není třeba možné ,že se ComboFix zasekl. :?: Děkuji za odpověď :)
Nahoru
Jan1233
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 04 zář 2015 17:43

Re: Vytížení hdd na 100%

#7 Příspěvek od Jan1233 »

Nakonec jsem musel pc po 3 hodinách natvrdo restartovat. Znovu jsem spustil Rkill a znovu ComboFix projistotu jsem ho přejmenoval. Výsledek stejný jako předtím hdd nepracuje, alespoň se znovu nezasekl kurzor ComboFix opět ještě nedokončil žádnou fázi :( . Zátím test bězí 15 minut.
Nahoru
Jan1233
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 04 zář 2015 17:43

Re: Vytížení hdd na 100%

#8 Příspěvek od Jan1233 »

Bohužel, ani po několikátý se mi nepodařilo správně rozběhnout ComboFix vždy zamrzl ve stejné fázi jak jsem popisoval. Proto vkládám log pouze z Rkill. Zjistil jsem, že problém z vytíženým hdd se objevuje pouze na jednom účtu, který jediný není administrátorský.
Log Rkill:
Rkill 2.8.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/27/2015 08:20:59 PM in x86 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Active Proxy Server Detected

* Proxy Disabled.
* ProxyOverride value deleted.
* ProxyServer value deleted.
* AutoConfigURL value deleted.
* Proxy settings were backed up to Registry file.

Checking Registry for malware related settings:

* No issues found in the Registry.

Backup Registry file created at:
C:\Users\Karel\Desktop\rkill\rkill-09-27-2015-08-21-05.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 09/27/2015 08:23:05 PM
Execution time: 0 hours(s), 2 minute(s), and 6 seconds(s)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Vytížení hdd na 100%

#9 Příspěvek od vyosek »

Pustte tam MBAM dle tohoto http://forum.viry.cz/viewtopic.php?f=29&t=144868
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Jan1233
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 04 zář 2015 17:43

Re: Vytížení hdd na 100%

#10 Příspěvek od Jan1233 »

Omlouvám se za denní spožedění.
Log MBAM:
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 2.10.2015
Čas skenování: 14:44
Protokol: log.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.10.02.03
Databáze rootkitů: v2015.09.22.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: oem

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 654672
Uplynulý čas: 2 hod, 54 min, 4 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 48
PUP.Optional.Babylon, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [55d612404645b87e81440fdfe919be42],
PUP.Optional.Babylon, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}, , [55d612404645b87e81440fdfe919be42],
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}, , [31fab79b5d2e49ed2533be33976b31cf],
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}, , [31fab79b5d2e49ed2533be33976b31cf],
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}, , [31fab79b5d2e49ed2533be33976b31cf],
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}, , [31fab79b5d2e49ed2533be33976b31cf],
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}, , [23083e14becd221480d95f9234ceb848],
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}, , [23083e14becd221480d95f9234ceb848],
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}, , [23083e14becd221480d95f9234ceb848],
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}, , [23083e14becd221480d95f9234ceb848],
PUP.Optional.ICQToolbar, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{855F3B16-6D32-4FE6-8A56-BBB695989046}, , [dd4e63ef68231c1a66d88d64e1214fb1],
PUP.Optional.ICQToolbar, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{855F3B16-6D32-4FE6-8A56-BBB695989046}, , [dd4e63ef68231c1a66d88d64e1214fb1],
PUP.Optional.InboxToolBar, HKLM\SOFTWARE\CLASSES\Inbox.InboxServer, , [f8338ac81477c1751542f6fbac568977],
PUP.Optional.FunWebProducts, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.SkinLauncherSettings, , [7ab10f436823ca6c3dab886811f1718f],
PUP.Optional.FunWebProducts, HKLM\SOFTWARE\CLASSES\FromDocToPDF_65.SkinLauncherSettings.1, , [58d309491873ea4c965206eac73bbb45],
PUP.Optional.MindSpark, HKLM\SOFTWARE\FromDocToPDF_65, , [181390c2b2d92e081eaf52646b99af51],
PUP.Optional.MindSpark, HKLM\SOFTWARE\OnlineMapFinder_9p, , [1c0fd082dbb00531a280fdba1fe5ad53],
PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8663977E-01E4-4F5C-B343-4675834E8A9F}, , [111a6ae8d1ba51e54ba7f4c28282e719],
PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8CB29AD2-CA79-46E5-865C-8D56B2BCE662}, , [33f8a4ae404b81b5747e714516ee7987],
PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9D1A84CB-3E2B-4CCE-B7B7-D0214959F011}, , [35f6f45e018a38fedd15e1d5bc48936d],
PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AED6E119-4324-4E26-956B-6AD9ACEF9E7E}, , [86a5064ccdbe4ee8876bf8bea0640af6],
PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CB39F555-997F-45CB-8086-E5E6E2866DAF}, , [dd4e371b0f7c0630747e6254f60e3dc3],
PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E0C3A839-0E5E-4EBC-9F8F-E56F8FC732CE}, , [bf6c252deba0a78f05ed298dd72d09f7],
PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E59567B2-2035-4A62-8B1E-F27A426BBCA9}, , [0d1ecd8506857eb83db509ad9c6808f8],
PUP.Optional.MindSpark, HKLM\SOFTWARE\MOZILLAPLUGINS\@FromDocToPDF_65.com/Plugin, , [7fac54fe6625d1659972eccbb153ce32],
PUP.Optional.MindSpark, HKU\S-1-5-21-2684258682-1194155784-308387527-1000\SOFTWARE\OnlineMapFinder_9p, , [6ac1074bfb902a0c81d49e1891736a96],
PUP.Optional.MindSpark, HKU\S-1-5-21-2684258682-1194155784-308387527-1000\SOFTWARE\APPDATALOW\SOFTWARE\FromDocToPDF_65, , [bb70d37f602ba98d5ed1e3d29c68827e],
PUP.Optional.MindSpark, HKU\S-1-5-21-2684258682-1194155784-308387527-1000\SOFTWARE\APPDATALOW\SOFTWARE\OnlineMapFinder_9p, , [0e1daba7fc8f52e44d143a7b6d978c74],
PUP.Optional.1ClickDownload, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\1ClickDownload, , [a685b49ea9e2d46237482f61b54fa957],
PUP.Optional.MindSpark, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\FromDocToPDF_65, , [a388bd95f99245f11fbba510897b9c64],
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\Inbox Toolbar, , [e04b12405f2c7bbbd9e8a30a6f95649c],
PUP.Optional.MindSpark, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\OnlineMapFinder_9p, , [0f1cfd55c0cb290dc5905d5953b16997],
PUP.Optional.MindSpark, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\APPDATALOW\SOFTWARE\FromDocToPDF_65, , [cd5ef16147444ee8e44b6d487490dd23],
PUP.Optional.MindSpark, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\APPDATALOW\SOFTWARE\OnlineMapFinder_9p, , [a487d37f454696a01c45981d9f65916f],
PUP.Optional.ICQ, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}, , [2b00aca68a0187af5972d2da11f3f50b],
PUP.Optional.ASK, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9A216821-0EC5-49A3-85AC-FB72AE79A1E8}, , [13189db53259b680ab1d73672adaa858],
PUP.Optional.MindSpark, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\FromDocToPDF_65, , [02297bd7deadb58128b2c1f4917313ed],
PUP.Optional.MindSpark, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\OnlineMapFinder_9p, , [cc5fc290d7b4be78a1b4486ec044d729],
PUP.Optional.MindSpark, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\APPDATALOW\SOFTWARE\FromDocToPDF_65, , [af7c96bc395296a0ac836d48b05455ab],
PUP.Optional.MindSpark, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\APPDATALOW\SOFTWARE\OnlineMapFinder_9p, , [49e21d3593f8f54165fc6b4a7292d52b],
PUP.Optional.ICQ, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}, , [78b3d28093f882b4ac1fe4c8986c7d83],
PUP.Optional.ASK, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9A216821-0EC5-49A3-85AC-FB72AE79A1E8}, , [e447d67c5a31c76f12b6776325df51af],
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1006\SOFTWARE\Inbox Toolbar, , [919a064cf4974ceafbc6cde0719350b0],
PUP.Optional.MindSpark, HKU\S-1-5-21-2684258682-1194155784-308387527-1006\SOFTWARE\OnlineMapFinder_9p, , [a88351016c1f9c9adc79efc7e91b6e92],
PUP.Optional.PCPowerSpeed, HKU\S-1-5-21-2684258682-1194155784-308387527-1006\SOFTWARE\PCPowerSpeed, , [6ebd01512566e1551e519db051b234cc],
PUP.Optional.MindSpark, HKU\S-1-5-21-2684258682-1194155784-308387527-1006\SOFTWARE\APPDATALOW\SOFTWARE\FromDocToPDF_65, , [ad7eb49e1a7172c49b94a510ea1a27d9],
PUP.Optional.MindSpark, HKU\S-1-5-21-2684258682-1194155784-308387527-1006\SOFTWARE\APPDATALOW\SOFTWARE\OnlineMapFinder_9p, , [ca61272beba0c1755011caeb996b42be],
PUP.Optional.ICQ, HKU\S-1-5-21-2684258682-1194155784-308387527-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}, , [84a7a3af8803c96d6e5d505ccc389a66],

Hodnoty registru: 43
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{D3D233D5-9F6D-436C-B6C7-E63F77503B30}, , [31fab79b5d2e49ed2533be33976b31cf],
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{D3D233D5-9F6D-436C-B6C7-E63F77503B30}, , [31fab79b5d2e49ed2533be33976b31cf],
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{D3D233D5-9F6D-436C-B6C7-E63F77503B30}, , [31fab79b5d2e49ed2533be33976b31cf],
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{D7E97865-918F-41E4-9CD0-25AB1C574CE8}, exé׏‘äAśĐ%« WLč, , [23083e14becd221480d95f9234ceb848]
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{D7E97865-918F-41E4-9CD0-25AB1C574CE8}, exé׏‘äAśĐ%« WLč, , [23083e14becd221480d95f9234ceb848]
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{D7E97865-918F-41E4-9CD0-25AB1C574CE8}, exé׏‘äAśĐ%« WLč, , [23083e14becd221480d95f9234ceb848]
PUP.Optional.ICQToolbar, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{855F3B16-6D32-4FE6-8A56-BBB695989046}, , [dd4e63ef68231c1a66d88d64e1214fb1],
PUP.Optional.ICQToolbar, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{855F3B16-6D32-4FE6-8A56-BBB695989046}, , [dd4e63ef68231c1a66d88d64e1214fb1],
PUP.Optional.ICQToolbar, HKU\S-1-5-21-2684258682-1194155784-308387527-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{855F3B16-6D32-4FE6-8A56-BBB695989046}, , [dd4e63ef68231c1a66d88d64e1214fb1],
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}, , [a883fa58f4977db99bbeab4628dafc04],
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}, , [b279064c7b106cca40198a6719e9d12f],
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}, , [4cdfdd759dee3df9154422cf47bb60a0],
PUP.Optional.ICQToolbar, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{855F3B16-6D32-4fe6-8A56-BBB695989046}, , [a784f85a8cffd36351ed08e9f11115eb],
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}, , [88a3331f2a61ef476fe9e20f40c216ea],
PUP.Optional.ICQToolbar, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{855F3B16-6D32-4fe6-8A56-BBB695989046}, , [38f30e4436553402310d01f0f40e53ad],
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}, , [73b8450d0d7efb3b60f8d51c6e94857b],
PUP.Optional.ICQToolbar, HKU\S-1-5-21-2684258682-1194155784-308387527-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{855F3B16-6D32-4fe6-8A56-BBB695989046}, , [e14a4c061f6c92a4a79735bc788af40c],
PUP.Optional.InboxToolBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}, , [60cbe07290fbbe7817419e53fd05a25e],
PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8663977e-01e4-4f5c-b343-4675834e8a9f}|AppPath, C:\Program Files\OnlineMapFinder_9p\bar\1.bin, , [111a6ae8d1ba51e54ba7f4c28282e719]
PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8cb29ad2-ca79-46e5-865c-8d56b2bce662}|AppPath, C:\Program Files\OnlineMapFinder_9p\bar\1.bin, , [33f8a4ae404b81b5747e714516ee7987]
PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9d1a84cb-3e2b-4cce-b7b7-d0214959f011}|AppPath, C:\Program Files\OnlineMapFinder_9p\bar\1.bin, , [35f6f45e018a38fedd15e1d5bc48936d]
PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{aed6e119-4324-4e26-956b-6ad9acef9e7e}|AppPath, C:\Program Files\OnlineMapFinder_9p\bar\1.bin, , [86a5064ccdbe4ee8876bf8bea0640af6]
PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{cb39f555-997f-45cb-8086-e5e6e2866daf}|AppPath, C:\Program Files\OnlineMapFinder_9p\bar\1.bin, , [dd4e371b0f7c0630747e6254f60e3dc3]
PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{e0c3a839-0e5e-4ebc-9f8f-e56f8fc732ce}|AppPath, C:\Program Files\FromDocToPDF_65\bar\1.bin, , [bf6c252deba0a78f05ed298dd72d09f7]
PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{e59567b2-2035-4a62-8b1e-f27a426bbca9}|AppPath, C:\Program Files\OnlineMapFinder_9p\bar\1.bin, , [0d1ecd8506857eb83db509ad9c6808f8]
PUP.Optional.MindSpark, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|65ffxtbr@FromDocToPDF_65.com, C:\Program Files\FromDocToPDF_65\bar\1.bin, , [d358242e345776c05ca380366e965ca4]
PUP.Optional.Babylon, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, http://search.babylon.com/web/{searchTe ... wsersearch, , [3af1ce84800bc175c0ab098aba4ad927]
PUP.Optional.ICQ, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}|URL, http://search.icq.com/search/results.ph ... }&ch_id=sm, , [2b00aca68a0187af5972d2da11f3f50b]
PUP.Optional.ICQ, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}|FaviconURL, http://c.icq.com/favicon.ico, , [35f6be94f695191de7e4a4084eb6c040]
PUP.Optional.ASK, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}|DisplayName, Ask Web Search, , [13189db53259b680ab1d73672adaa858]
PUP.Optional.ASK, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}|URL, http://search.tb.ask.com/search/GGmain. ... earchTerms}, , [67c4aea4dead3105c20532a84bb92bd5]
PUP.Optional.ASK, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}|SuggestionsURL_JSON, http://srchsugg.tb.ask.com/query?li=ff& ... earchTerms}, , [2b0089c996f5f640b512c515f113c23e]
PUP.Optional.Babylon, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, http://search.babylon.com/web/{searchTe ... wsersearch, , [9992fd552d5e12242447088bc14338c8]
PUP.Optional.ICQ, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}|URL, http://search.icq.com/search/results.ph ... }&ch_id=sm, , [78b3d28093f882b4ac1fe4c8986c7d83]
PUP.Optional.ICQ, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}|FaviconURL, http://c.icq.com/favicon.ico, , [fe2d62f073181323cb00c5e7996b13ed]
PUP.Optional.ASK, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}|DisplayName, Ask Web Search, , [e447d67c5a31c76f12b6776325df51af]
PUP.Optional.ASK, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}|URL, http://search.tb.ask.com/search/GGmain. ... earchTerms}, , [bb70f959c3c8ee481fa8c317ea1aa35d]
PUP.Optional.ASK, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}|SuggestionsURL_JSON, http://srchsugg.tb.ask.com/query?li=ff& ... earchTerms}, , [a08b4c06b4d72a0c1aada1397b8903fd]
PUP.Optional.ICQ, HKU\S-1-5-21-2684258682-1194155784-308387527-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}|URL, http://search.icq.com/search/results.ph ... }&ch_id=sm, , [84a7a3af8803c96d6e5d505ccc389a66]
PUP.Optional.ICQ, HKU\S-1-5-21-2684258682-1194155784-308387527-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}|FaviconURL, http://c.icq.com/favicon.ico, , [c36886ccf794f442c803f0bc7f8521df]
PUM.UserWLoad, HKU\S-1-5-21-2684258682-1194155784-308387527-1006\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load, C:\Users\Heli\Local Settings\Temp\mskyprkvz.pif, , [d15abe94008b88ae83be174cc83bc23e]
Trojan.Zaccess, HKU\S-1-5-21-2684258682-1194155784-308387527-1006\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Google Update^??, , [ed3e3b17f2998bab6a18a35ffa06a957],
PUP.Optional.PCPowerSpeed, HKU\S-1-5-21-2684258682-1194155784-308387527-1006\SOFTWARE\PCPOWERSPEED|LAST_CMS_UPDATE, Mˆě÷Ůă@, , [6fbc0e448407f3437efd1d9f3bc914ec]

Data registru: 6
Hijack.StartPage, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://toolbar.inbox.com/search/dispatc ... &%language, Dobré: (www.google.com), Špatné: (http://toolbar.inbox.com/search/dispatc ... &%language),,[64c71a384a41df5748b86b1611f4f50b]
Hijack.SearchBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://toolbar.inbox.com/search/dispatc ... &%language, Dobré: (www.google.com/), Špatné: (http://toolbar.inbox.com/search/dispatc ... &%language),,[80ab58fab7d454e299687d04b550cb35]
Hijack.StartPage, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://toolbar.inbox.com/search/dispatc ... &%language, Dobré: (www.google.com), Špatné: (http://toolbar.inbox.com/search/dispatc ... &%language),,[f437430f850692a412ee3948c93cd828]
Hijack.SearchBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://toolbar.inbox.com/search/dispatc ... &%language, Dobré: (www.google.com/), Špatné: (http://toolbar.inbox.com/search/dispatc ... &%language),,[45e6e270b7d473c3738eb6cb29dcfb05]
Hijack.StartPage, HKU\S-1-5-21-2684258682-1194155784-308387527-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://toolbar.inbox.com/search/dispatc ... &%language, Dobré: (www.google.com), Špatné: (http://toolbar.inbox.com/search/dispatc ... &%language),,[18133e144e3d3ef80ef2bbc69c691ce4]
Hijack.SearchBar, HKU\S-1-5-21-2684258682-1194155784-308387527-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://toolbar.inbox.com/search/dispatc ... &%language, Dobré: (www.google.com/), Špatné: (http://toolbar.inbox.com/search/dispatc ... &%language),,[32f9f260642769cd926f1c65b45156aa]

Složky: 13
PUP.Optional.ConduitTB.Gen, C:\Users\Karel\AppData\Local\CRE, , [ee3d93bf1972c57174bcdf6048bb60a0],
PUP.Optional.CrossRider, C:\Program Files\TornPlusTV_version1.11, , [0724262c4c3f0531d51a514d28dc758b],
PUP.Optional.Sanbreel, C:\Program Files\Reverse Page\bin, , [34f7aba7632880b63f5f8d35a65ed828],
PUP.Optional.Sanbreel, C:\Program Files\Reverse Page\bin\TEMP, , [34f7aba7632880b63f5f8d35a65ed828],
PUP.Optional.Sanbreel, C:\Program Files\Reverse Page, , [34f7aba7632880b63f5f8d35a65ed828],
PUP.Optional.PCPowerSpeed, C:\Users\Heli\AppData\Roaming\PCPowerSpeed, , [ba7162f04d3e0135cec896751ee57987],
Trojan.0Access, C:\Users\Heli\AppData\Local\Google\Desktop\Install\{e640a798-b136-249a-2070-4fa3e5019e20}\???, , [d6551a38e1aa62d46d10c240d32d3fc1],
Trojan.0Access, C:\Users\Heli\AppData\Local\Google\Desktop\Install\{e640a798-b136-249a-2070-4fa3e5019e20}\???\???, , [d6551a38e1aa62d46d10c240d32d3fc1],
Trojan.0Access, C:\Users\Heli\AppData\Local\Google\Desktop\Install\{e640a798-b136-249a-2070-4fa3e5019e20}\???\???\???, , [d6551a38e1aa62d46d10c240d32d3fc1],
Trojan.0Access, C:\Users\Heli\AppData\Local\Google\Desktop\Install\{e640a798-b136-249a-2070-4fa3e5019e20}\???\???\???\{e640a798-b136-249a-2070-4fa3e5019e20}, , [d6551a38e1aa62d46d10c240d32d3fc1],
Trojan.0Access, C:\Users\Heli\AppData\Local\Google\Desktop\Install\{e640a798-b136-249a-2070-4fa3e5019e20}\???\???\???\{e640a798-b136-249a-2070-4fa3e5019e20}\L, , [d6551a38e1aa62d46d10c240d32d3fc1],
Trojan.0Access, C:\Users\Heli\AppData\Local\Google\Desktop\Install\{e640a798-b136-249a-2070-4fa3e5019e20}\???\???\???\{e640a798-b136-249a-2070-4fa3e5019e20}\U, , [d6551a38e1aa62d46d10c240d32d3fc1],
Trojan.0Access, C:\Users\Heli\AppData\Local\Google\Desktop\Install\{e640a798-b136-249a-2070-4fa3e5019e20}, , [77b4e56d0d7e1e18344a31d158a8ee12],

Soubory: 50
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65auxstb.dll.vir, , [ef3c1a3834572b0b954ffabe22e353ad],
PUP.Optional.AudioToAudioToolBar, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65barsvc.exe.vir, , [e14a2e24b8d3c472932c5bfa44bc7090],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65brmon.exe.vir, , [2209361c3c4fdc5a7b690cacb2539070],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65datact.dll.vir, , [141770e2a4e7191d6f752395e0252bd5],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65dlghk.dll.vir, , [5fccf16122695adcffe5f6c213f2f709],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65feedmg.dll.vir, , [5ecd4d0546450333ecf84d6b4abbd927],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65highin.exe.vir, , [3deeff53e2a9c76f27bd7c3cc93cb848],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65hkstub.dll.vir, , [63c84d056b20e84ed70d9b1d38cdac54],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65httpct.dll.vir, , [65c60250e8a3cd6963814672bc4932ce],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65idle.dll.vir, , [d655232f0f7ca78f41a30aaeda2b916f],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65ieovr.dll.vir, , [2dfef85a107bf244ffe5cbed2fd6a45c],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65medint.exe.vir, , [36f50f43a9e244f2eff57d3bf3120df3],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65mlbtn.dll.vir, , [f932ba9859321224558f45734cb9d729],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65msg.dll.vir, , [8c9f1b3790fbaa8cdd07694f996c9868],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65regfft.dll.vir, , [a8831a38078451e5edf7f4c4768fc23e],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65regiet.dll.vir, , [cb60d08242498babeff57d3bda2b6898],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65script.dll.vir, , [e94280d293f894a2ffe55e5a16ef49b7],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65skin.dll.vir, , [8c9ff45e6922c274edf71a9e5da8f907],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65sknlcr.dll.vir, , [8aa169e94942b87ebe26c8f093721ee2],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65skplay.exe.vir, , [13187ad81972191d4d978434877e837d],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65SrcAs.dll.vir, , [9992d0827b107cbaebf9ccecf90cab55],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\65uabtn.dll.vir, , [a388084a58333ef86d77e3d526dfbd43],
PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\FromDocToPDF_65\bar\1.bin\T8EXTPEX.DLL.vir, , [0b200e4491fa42f47a9dacace719916f],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe.vir, , [f2391141444788ae106f9adfea179f61],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\Program Files\PrriiceeLesas\NdmHo6ZaSWt7Wt.exe.vir, , [0823b39f97f43afce44f87393ec3b749],
PUP.Optional.WindowsProtectManger, C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir, , [4ae14d05503b4de9c9a7312843bd09f7],
PUP.Optional.Genieo, C:\AdwCleaner\Quarantine\C\Users\Karel\AppData\Roaming\genieo\Application\Partner\uninstall\partner_uninstall.exe.vir, , [e546a4ae2f5c3afc946a06b7897857a9],
PUP.Optional.Genieo, C:\AdwCleaner\Quarantine\C\Users\Karel\AppData\Roaming\genieo\Application\Partner\uninstall\gim394750002\partner_uninstall.exe.vir, , [8ba06ce61f6c21156a94d8e5b54c946c],
PUP.Optional.Genieo, C:\AdwCleaner\Quarantine\C\Users\Karel\AppData\Roaming\genieo\Application\Updater\genieo_temp\genieo_setup.exe.vir, , [1c0fe86a46454aec3ec02b9211f0867a],
PUP.Optional.Genieo, C:\AdwCleaner\Quarantine\C\Users\Karel\AppData\Roaming\genieo\Data\Updater\genieo_temp\genieo_setup.gen.vir, , [ef3c64eea6e589ad56a8f1cc0af7f50b],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Users\Karel\AppData\Roaming\SearchProtect\bin\cltmng.exe.vir, , [2b006ce6f6951125369bbefec73a6e92],
Trojan.Loader, C:\Program Files\ORTHOS\ORTHOS.exe, , [eb4039195e2db87e8eb1351818e909f7],
PUP.Optional.ConduitTB.Gen, C:\Users\Karel\AppData\Local\CRE\dhoigiahaahldpgnbbimfecackdgccna.crx, , [ee3d93bf1972c57174bcdf6048bb60a0],
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\ShopperPro, , [58d369e9484351e5e6a9e96528dbba46],
Rogue.Link, C:\Users\Karel\Favorites\Free Porn Videos - Shemale Allure Free Shemale Sex Videos Shemale Tube - Page 2.url, , [69c2480a860584b25cc47c1447bc46ba],
PUP.Optional.CrossRider, C:\Program Files\TornPlusTV_version1.11\bgNova.html, , [0724262c4c3f0531d51a514d28dc758b],
PUP.Optional.CrossRider, C:\Program Files\TornPlusTV_version1.11\8cb542dc-9f3c-40d3-b096-63930a1f0bdb.xpi, , [0724262c4c3f0531d51a514d28dc758b],
PUP.Optional.CrossRider, C:\Program Files\TornPlusTV_version1.11\background.html, , [0724262c4c3f0531d51a514d28dc758b],
PUP.Optional.CrossRider, C:\Program Files\TornPlusTV_version1.11\TornPlusTV_version1.11.ico, , [0724262c4c3f0531d51a514d28dc758b],
PUP.Optional.Sanbreel, C:\Program Files\Reverse Page\bin\BrowserAdapter.7z, , [34f7aba7632880b63f5f8d35a65ed828],
PUP.Optional.Sanbreel, C:\Program Files\Reverse Page\bin\7za.exe, , [34f7aba7632880b63f5f8d35a65ed828],
PUP.Optional.Sanbreel, C:\Program Files\Reverse Page\bin\ReversePage.expext.zip, , [34f7aba7632880b63f5f8d35a65ed828],
PUP.Optional.Sanbreel, C:\Program Files\Reverse Page\bin\ReversePage.PurBrowseG.zip, , [34f7aba7632880b63f5f8d35a65ed828],
PUP.Optional.Sanbreel, C:\Program Files\Reverse Page\bin\utilReversePage.InstallState, , [34f7aba7632880b63f5f8d35a65ed828],
PUP.Optional.Sanbreel, C:\Program Files\Reverse Page\updateReversePage.InstallState, , [34f7aba7632880b63f5f8d35a65ed828],
PUP.Optional.PCPowerSpeed, C:\Users\Heli\AppData\Roaming\PCPowerSpeed\banner_bottom.png, , [ba7162f04d3e0135cec896751ee57987],
PUP.Optional.PCPowerSpeed, C:\Users\Heli\AppData\Roaming\PCPowerSpeed\banner_free.png, , [ba7162f04d3e0135cec896751ee57987],
PUP.Optional.PCPowerSpeed, C:\Users\Heli\AppData\Roaming\PCPowerSpeed\banner_left.png, , [ba7162f04d3e0135cec896751ee57987],
PUP.Optional.PCPowerSpeed, C:\Users\Heli\AppData\Roaming\PCPowerSpeed\banner_uninst.png, , [ba7162f04d3e0135cec896751ee57987],
PUP.Optional.PCPowerSpeed, C:\Users\Heli\AppData\Roaming\PCPowerSpeed\faq.htm, , [ba7162f04d3e0135cec896751ee57987],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Vytížení hdd na 100%

#11 Příspěvek od vyosek »

:arrow: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do okna vlozte skript nize

  • Kód: Vybrat vše

    autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
  • Nasledne kliknete na Run Script
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Jan1233
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 04 zář 2015 17:43

Re: Vytížení hdd na 100%

#12 Příspěvek od Jan1233 »

Mockrát děkuju! Vypadáto, že problém je pryč. Mohu již odinstalovat MBAM ?
Log:

Zoek.exe v5.0.0.1 Updated 04-October-2015
Tool run by oem on po 05.10.2015 at 14:54:41,44.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\oem\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

5.10.2015 14:57:46 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Possible Rootkit Infection ======================

C:\Users\Heli\AppData\Local\Google\Desktop\Install

==== Empty Folders Check ======================

C:\Program Files\1dc8655b-d275-4d5e-a7ed-08ee03f5e116 deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\TomTom DesktopSuite deleted successfully
C:\Program Files\Common Files\Nero deleted successfully
C:\Program Files\Common Files\Symantec Shared deleted successfully
C:\Users\Karel\AppData\Roaming\GetRightToGo deleted successfully
C:\Users\Karel\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\oem\AppData\Roaming\JAM Software deleted successfully
C:\Users\Heli\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Heli\AppData\Local\EmieSiteList deleted successfully
C:\Users\Heli\AppData\Local\EmieUserList deleted successfully
C:\Users\Heli\AppData\Local\{033E1E91-073F-4109-B214-0B444887E7F2} deleted successfully
C:\Users\Heli\AppData\Local\{0E2B2890-6757-4645-9A69-544B54596368} deleted successfully
C:\Users\Heli\AppData\Local\{27A209E0-37EB-430A-B4F0-94B3E3F5A936} deleted successfully
C:\Users\Heli\AppData\Local\{4FF3AF41-40C8-4BBF-B541-3B861802D77B} deleted successfully
C:\Users\Heli\AppData\Local\{5EAE8C94-73C4-4687-A575-6DF2803F1294} deleted successfully
C:\Users\Heli\AppData\Local\{9821B48F-6119-492E-BAAC-1BF7F4C8F925} deleted successfully
C:\Users\Heli\AppData\Local\{A1CED593-54B3-4937-9AE7-2543F8FF4126} deleted successfully
C:\Users\Heli\AppData\Local\{B74D0D79-DD6A-4D6E-9567-08D862EA8628} deleted successfully
C:\Users\Heli\AppData\Local\{BDE0106E-E078-41E1-AF26-EFD249851988} deleted successfully
C:\Users\Heli\AppData\Local\{FFD30242-36B9-41DB-AD60-38C20874FA6B} deleted successfully
C:\Users\Karel\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Karel\AppData\Local\EmieSiteList deleted successfully
C:\Users\Karel\AppData\Local\EmieUserList deleted successfully
C:\Users\Karel\AppData\Local\MigWiz deleted successfully
C:\Users\Karel\AppData\Local\{0065BC94-5FCE-45DB-A1AF-46E2CDCBF838} deleted successfully
C:\Users\Karel\AppData\Local\{0284A833-9DC4-4EF8-B707-B90ACF8F36A5} deleted successfully
C:\Users\Karel\AppData\Local\{08DEBFCB-4268-4316-8CD9-4443269112C9} deleted successfully
C:\Users\Karel\AppData\Local\{091AF49F-1FD1-4A61-BF10-EE038C93B9C3} deleted successfully
C:\Users\Karel\AppData\Local\{10CCF39B-91DE-43C0-B352-473B93FBC186} deleted successfully
C:\Users\Karel\AppData\Local\{195E0B4C-A43A-46DC-A846-A0378F0E42DD} deleted successfully
C:\Users\Karel\AppData\Local\{1BE9D696-D3C5-4864-BADD-D552155B14D5} deleted successfully
C:\Users\Karel\AppData\Local\{2291BECA-38E2-4A66-AC08-B38D29F53A72} deleted successfully
C:\Users\Karel\AppData\Local\{23143987-026E-41C1-B0EB-1868A5238C63} deleted successfully
C:\Users\Karel\AppData\Local\{2430E1EE-A5E8-4CCF-A4C7-764DEAEDE489} deleted successfully
C:\Users\Karel\AppData\Local\{245E8BFF-D0CF-4BA0-9AAF-786EE7E0D616} deleted successfully
C:\Users\Karel\AppData\Local\{2510A53F-454F-424D-9295-7CFE468A9C68} deleted successfully
C:\Users\Karel\AppData\Local\{28AD97C0-F142-4A08-9323-54133DB54214} deleted successfully
C:\Users\Karel\AppData\Local\{28C93BE3-7C7D-4C5B-B6B1-9D3FED2C3F21} deleted successfully
C:\Users\Karel\AppData\Local\{29A9A3C1-B653-46DC-8471-0CC19F093A6E} deleted successfully
C:\Users\Karel\AppData\Local\{29CE8426-1D1F-4500-8BA5-7565ABF64996} deleted successfully
C:\Users\Karel\AppData\Local\{2A15C7C8-3C5E-40D6-B1BF-6A9A81D68F52} deleted successfully
C:\Users\Karel\AppData\Local\{2A8483AF-639E-4160-9440-46000C0AE757} deleted successfully
C:\Users\Karel\AppData\Local\{2BFDA0D4-75C8-43D0-B161-50CC4D87F0FB} deleted successfully
C:\Users\Karel\AppData\Local\{2C26FE3B-6153-4948-A9EC-96221295B170} deleted successfully
C:\Users\Karel\AppData\Local\{2CCF2053-2796-46F2-8AAE-3FC23A0A468F} deleted successfully
C:\Users\Karel\AppData\Local\{2E1D695E-3B9A-41E7-BA46-42DDF87A573F} deleted successfully
C:\Users\Karel\AppData\Local\{333AD0C2-CE7F-4FA2-A1FF-B0FB6B543215} deleted successfully
C:\Users\Karel\AppData\Local\{36DF242D-4A42-4874-9DAB-AA917390B49B} deleted successfully
C:\Users\Karel\AppData\Local\{375D6DBB-154F-4B23-985F-245BA9CE1719} deleted successfully
C:\Users\Karel\AppData\Local\{37CC1D19-724D-4163-B85C-849221AE3028} deleted successfully
C:\Users\Karel\AppData\Local\{381D18F2-A7B0-4E6E-857B-2603B7C939C1} deleted successfully
C:\Users\Karel\AppData\Local\{38BFDFB2-C1E1-4FEE-B857-53D789821459} deleted successfully
C:\Users\Karel\AppData\Local\{39BD0EF0-7DE8-4D2F-A1B6-440F716F668D} deleted successfully
C:\Users\Karel\AppData\Local\{3A9A6202-3E63-45B0-95A7-6549B76CCF85} deleted successfully
C:\Users\Karel\AppData\Local\{3AA6482A-9A17-4191-83A8-5C3363D4C4F4} deleted successfully
C:\Users\Karel\AppData\Local\{3B66129B-2F69-4200-908F-46D82FF03DC1} deleted successfully
C:\Users\Karel\AppData\Local\{43563A6F-D7FA-4B6E-89E5-937628A657BF} deleted successfully
C:\Users\Karel\AppData\Local\{475C45B4-5212-474C-810A-14F15750E605} deleted successfully
C:\Users\Karel\AppData\Local\{47FA23D0-9C0D-4F6C-9665-E50CAEF55692} deleted successfully
C:\Users\Karel\AppData\Local\{48B672D8-55A8-496B-89C4-001749B2B110} deleted successfully
C:\Users\Karel\AppData\Local\{56AC8307-5B35-4090-8E5D-EFCE7545ED5A} deleted successfully
C:\Users\Karel\AppData\Local\{5CB8A300-AC2C-42CF-BD78-EBFCC0151FDB} deleted successfully
C:\Users\Karel\AppData\Local\{5D53650C-17CB-47F3-AF75-8A84F0B68930} deleted successfully
C:\Users\Karel\AppData\Local\{5E62FE0F-8A9E-4574-846B-7A9A063B7886} deleted successfully
C:\Users\Karel\AppData\Local\{5F8F1B26-FE55-4CA4-8609-E1D415382E1F} deleted successfully
C:\Users\Karel\AppData\Local\{6096502C-9434-47B2-ACBA-CD0D9F272D3B} deleted successfully
C:\Users\Karel\AppData\Local\{67EABDC9-0DD0-4A79-8A75-7FDC8DE48E45} deleted successfully
C:\Users\Karel\AppData\Local\{6EB66A3E-ECC0-4706-BAD3-F247CD3B4572} deleted successfully
C:\Users\Karel\AppData\Local\{71A71FAE-4674-4E7D-937D-27463D6EA173} deleted successfully
C:\Users\Karel\AppData\Local\{7281E083-3335-4857-892E-1BC9810111F7} deleted successfully
C:\Users\Karel\AppData\Local\{742C2953-0CE4-4416-9C4B-20C76E821468} deleted successfully
C:\Users\Karel\AppData\Local\{75EAAFAA-3589-4D76-98B8-ABD85B62E864} deleted successfully
C:\Users\Karel\AppData\Local\{7736B608-9AC5-4110-A3BB-40B94B229EAF} deleted successfully
C:\Users\Karel\AppData\Local\{77BD7CE2-6FB0-4CC4-93B2-AF7A47BE087E} deleted successfully
C:\Users\Karel\AppData\Local\{79DB7C86-1302-475A-9A30-4FCF49E12AE7} deleted successfully
C:\Users\Karel\AppData\Local\{7A0F10E3-18CA-44ED-93B3-4C9332D22B3C} deleted successfully
C:\Users\Karel\AppData\Local\{7D188445-4E36-432E-A9A2-AD78B89B4216} deleted successfully
C:\Users\Karel\AppData\Local\{7D20D4FC-E68D-4C05-BA48-66ADC061C4C7} deleted successfully
C:\Users\Karel\AppData\Local\{7E3C6427-3DF7-470A-87CD-FE6354AB630E} deleted successfully
C:\Users\Karel\AppData\Local\{7E990BDC-AE32-4944-A2B7-16ED304FDB94} deleted successfully
C:\Users\Karel\AppData\Local\{81C3DC91-F4B5-4905-8438-BBACF26B4CE3} deleted successfully
C:\Users\Karel\AppData\Local\{874866D7-ACFD-4BB9-A4B8-1CE9372BB157} deleted successfully
C:\Users\Karel\AppData\Local\{8C8DEAAF-2043-4E11-A014-FF8DF1B668E6} deleted successfully
C:\Users\Karel\AppData\Local\{8CEBF10B-C5CD-451B-930F-5EAE3324E5B1} deleted successfully
C:\Users\Karel\AppData\Local\{9097FAF9-E57E-45FD-B608-BF914543607E} deleted successfully
C:\Users\Karel\AppData\Local\{948620C6-0348-47A1-8631-2561DD3A2383} deleted successfully
C:\Users\Karel\AppData\Local\{95669366-F814-4AA7-A054-FEC4878B6358} deleted successfully
C:\Users\Karel\AppData\Local\{9572CDB0-8E05-4469-874E-6E4FD20DAE46} deleted successfully
C:\Users\Karel\AppData\Local\{9646A9A2-99BB-4917-8D05-66971C98DEA1} deleted successfully
C:\Users\Karel\AppData\Local\{98C8AB21-B2BE-46EF-84E0-DF501E393889} deleted successfully
C:\Users\Karel\AppData\Local\{98F983F5-682A-4397-A0D1-BCFF5E85BD70} deleted successfully
C:\Users\Karel\AppData\Local\{9AF52BE9-1D08-4783-AF11-BDE2B2195E9F} deleted successfully
C:\Users\Karel\AppData\Local\{9C5E06F5-955A-4B37-9B36-F3D76DB9AB92} deleted successfully
C:\Users\Karel\AppData\Local\{9C993B71-A206-44ED-AD5B-FF6C8F255244} deleted successfully
C:\Users\Karel\AppData\Local\{9D325790-9F9B-48BC-9A13-96C189311B16} deleted successfully
C:\Users\Karel\AppData\Local\{9EEAF400-3222-4421-9D23-283B28D246DE} deleted successfully
C:\Users\Karel\AppData\Local\{A74977ED-8221-48D1-B374-D423ED93B07B} deleted successfully
C:\Users\Karel\AppData\Local\{AA3F819C-DBDD-4A16-B2C8-6CB562704329} deleted successfully
C:\Users\Karel\AppData\Local\{AB98B83B-8ADF-4BBC-BA4C-182BA9C23C4E} deleted successfully
C:\Users\Karel\AppData\Local\{AE8F5ED0-93A4-4402-88A8-779878A088D4} deleted successfully
C:\Users\Karel\AppData\Local\{B0084B0D-1032-41B8-A3FF-B76D05D2950D} deleted successfully
C:\Users\Karel\AppData\Local\{B09EB926-496A-4FD3-878F-B9EF01D0EE6F} deleted successfully
C:\Users\Karel\AppData\Local\{B3B48D2D-9ABD-4267-85A5-A1E81074EE94} deleted successfully
C:\Users\Karel\AppData\Local\{B69B4CC3-12C6-4302-9D09-54EF5E6443E5} deleted successfully
C:\Users\Karel\AppData\Local\{B754F92F-02C7-4965-9B3F-C03C9BDB473C} deleted successfully
C:\Users\Karel\AppData\Local\{BBBA836A-80D9-4C59-BBE3-9A02422E3ABB} deleted successfully
C:\Users\Karel\AppData\Local\{BD5C223E-D734-44B5-A0CF-3FA2BCE138D6} deleted successfully
C:\Users\Karel\AppData\Local\{BFD7B6D7-A634-4E29-84C2-043AA33C5D97} deleted successfully
C:\Users\Karel\AppData\Local\{C20419F4-04A6-44D7-AA1C-16863F42D3B9} deleted successfully
C:\Users\Karel\AppData\Local\{C4CD13FA-F818-402F-BAE8-56FFF960135E} deleted successfully
C:\Users\Karel\AppData\Local\{C5C18DAB-1FE0-4908-BEE9-E7AE90C3B589} deleted successfully
C:\Users\Karel\AppData\Local\{C6BF237C-5FF0-43B5-BE7F-374E598A1D36} deleted successfully
C:\Users\Karel\AppData\Local\{C6E6D839-8469-43E9-8974-0470BB992AC4} deleted successfully
C:\Users\Karel\AppData\Local\{C715E014-9DED-4CBD-85E6-C80F1BFEA0B3} deleted successfully
C:\Users\Karel\AppData\Local\{C80D303A-77E8-4B38-A92A-4187E99B1874} deleted successfully
C:\Users\Karel\AppData\Local\{CA0049A7-C282-4C5F-B2BC-EFEB938B5D1C} deleted successfully
C:\Users\Karel\AppData\Local\{CA53DAB6-B3E3-4842-9305-4E72BCC407CD} deleted successfully
C:\Users\Karel\AppData\Local\{CB122367-C4B4-4853-9170-4E3DF397C90B} deleted successfully
C:\Users\Karel\AppData\Local\{CB5C134C-617E-407F-AF20-91107190D82F} deleted successfully
C:\Users\Karel\AppData\Local\{CC85C59C-4157-464C-9D00-2CCAE18C018D} deleted successfully
C:\Users\Karel\AppData\Local\{D1D1AB07-5C35-4923-A8B5-A814F2CCE426} deleted successfully
C:\Users\Karel\AppData\Local\{DBA49577-2D1F-41B1-9B15-F59BC67ED25E} deleted successfully
C:\Users\Karel\AppData\Local\{E2073418-C066-4BFC-BF90-E09CF2E632FF} deleted successfully
C:\Users\Karel\AppData\Local\{E5E23CE3-BAA1-4BC3-A7A7-5D89E0480700} deleted successfully
C:\Users\Karel\AppData\Local\{EE5756B7-803F-447F-8474-CF04A96E3386} deleted successfully
C:\Users\Karel\AppData\Local\{FB9A6087-2E68-4B3D-9DEA-CB2D18FB1269} deleted successfully
C:\Users\Karel\AppData\Local\{FEF1291B-D789-454C-832A-1337EB733199} deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2684258682-1194155784-308387527-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6} deleted successfully
HKEY_USERS\S-1-5-21-2684258682-1194155784-308387527-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32004B8A-44A9-43E7-84E9-808838809519} deleted successfully
HKEY_USERS\S-1-5-21-2684258682-1194155784-308387527-1000\Software\Microsoft\Internet Explorer\Explorer Bars\{34C535AA-E988-49FC-8A96-1721EEBBCAF8} deleted successfully
HKEY_USERS\S-1-5-21-2684258682-1194155784-308387527-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34C535AA-E988-49FC-8A96-1721EEBBCAF8} deleted successfully
HKEY_USERS\S-1-5-21-2684258682-1194155784-308387527-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
HKEY_USERS\S-1-5-21-2684258682-1194155784-308387527-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
HKEY_USERS\S-1-5-21-2684258682-1194155784-308387527-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55} deleted successfully
HKEY_USERS\S-1-5-21-2684258682-1194155784-308387527-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C442AC41-9200-4770-8CC0-7CDB4F245C55} deleted successfully
HKEY_USERS\S-1-5-21-2684258682-1194155784-308387527-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C442AC41-9200-4770-8CC0-7CDB4F245C55} deleted successfully
HKEY_USERS\S-1-5-21-2684258682-1194155784-308387527-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{4c60e5ab-5c68-4c59-abaa-885010b24b32} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C442AC41-9200-4770-8CC0-7CDB4F245C55} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2684258682-1194155784-308387527-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74} deleted successfully
HKEY_USERS\S-1-5-21-2684258682-1194155784-308387527-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{4c60e5ab-5c68-4c59-abaa-885010b24b32} deleted successfully
HKEY_USERS\S-1-5-21-2684258682-1194155784-308387527-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{6d010537-9e99-400b-b652-b0d5a5757e5d} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\65ffxtbr@FromDocToPDF_65.com deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Heli\AppData\Roaming\Mozilla\Firefox\Profiles\jepwl8fn.default\prefs.js:

Added to C:\Users\Heli\AppData\Roaming\Mozilla\Firefox\Profiles\jepwl8fn.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Heli\AppData\Roaming\TomTom\HOME\Profiles\gdxjkewl.default\prefs.js:

Added to C:\Users\Heli\AppData\Roaming\TomTom\HOME\Profiles\gdxjkewl.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Karel\AppData\Roaming\TomTom\HOME\Profiles\ghgq6fra.default\prefs.js:

Added to C:\Users\Karel\AppData\Roaming\TomTom\HOME\Profiles\ghgq6fra.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\KAREL1~1\AppData\Roaming\Mozilla\Firefox\Profiles\pok8iz8b.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz/");

Added to C:\Users\KAREL1~1\AppData\Roaming\Mozilla\Firefox\Profiles\pok8iz8b.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Heli\AppData\Roaming\Mozilla\Firefox\Profiles\jepwl8fn.default

user.js not found
---- Lines ffxtbr modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"65ffxtbr@FromDocToPDF_65.com\":{\"descriptor\":\"C:\\\\Program Fi
---- FireFox user.js and prefs.js backups ----

prefs_05.10.2015_1529_.backup

ProfilePath: C:\Users\Heli\AppData\Roaming\TomTom\HOME\Profiles\gdxjkewl.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_05.10.2015_1529_.backup

ProfilePath: C:\Users\Karel\AppData\Roaming\TomTom\HOME\Profiles\ghgq6fra.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_05.10.2015_1529_.backup

ProfilePath: C:\Users\KAREL1~1\AppData\Roaming\Mozilla\Firefox\Profiles\pok8iz8b.default

user.js not found
---- Lines ffxtbr modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"65ffxtbr@FromDocToPDF_65.com\":{\"descriptor\":\"C:\\\\Program Fi
---- FireFox user.js and prefs.js backups ----

prefs_05.10.2015_1529_.backup

==== Deleting Files \ Folders ======================

C:\Program Files\1dc8655b-d275-4d5e-a7ed-08ee03f5e116 not found
C:\Program Files\TomTom DesktopSuite not found
C:\Program Files\Add to Wunderlist deleted
C:\Program Files\TornPlusTV_version1.11 deleted
C:\PROGRA~2\ghblkfnkhommdkbngcfncpgkdjlmjjef deleted
C:\Users\Heli\AppData\Roaming\PCPowerSpeed deleted
C:\Users\Karel\AppData\Roaming\LogFile.txt deleted
C:\PROGRA~2\as98213.txt deleted
C:\PROGRA~2\ICQ deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\Karel\AppData\Local\CRE deleted
C:\Users\Karel\AppData\Local\Installer deleted
C:\Users\Karel\AppData\Local\CrashRpt deleted
C:\Users\Karel\AppData\LocalLow\TornPlusTV_version1.11 deleted
C:\Windows\Tasks\RegCure Pro_sch_F56727A2-C2E0-11E3-B71A-00241DCEA5BE.job deleted
C:\Windows\system32\Tasks\RegCure Pro_sch_F56727A2-C2E0-11E3-B71A-00241DCEA5BE deleted
C:\Windows\system32\tasks\ShopperPro deleted
C:\Windows\System32\cnm2E52.tmp deleted
C:\Windows\System32\cnmB627.tmp deleted
C:\Windows\System32\AniGIF.ocx deleted
C:\Users\Heli\AppData\Roaming\Mozilla\Firefox\Profiles\jepwl8fn.default\extensions\staged deleted
C:\Users\KAREL1~1\AppData\Roaming\Mozilla\Firefox\Profiles\pok8iz8b.default\extensions\staged deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Heli\AppData\Roaming\Mozilla\Firefox\Profiles\jepwl8fn.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Heli\AppData\Roaming\TomTom\HOME\Profiles\gdxjkewl.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Karel\AppData\Roaming\TomTom\HOME\Profiles\ghgq6fra.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\KAREL1~1\AppData\Roaming\Mozilla\Firefox\Profiles\pok8iz8b.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [22.09.2015 16:14]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Heli\AppData\Roaming\TomTom\HOME\Profiles\gdxjkewl.default
- Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

ProfilePath: C:\Users\Karel\AppData\Roaming\TomTom\HOME\Profiles\ghgq6fra.default
- Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.8.014.9372@tomtom.com

ProfilePath: C:\Users\KAREL1~1\AppData\Roaming\Mozilla\Firefox\Profiles\pok8iz8b.default
- Undetermined - C:\Users\Karel 1\AppData\Roaming\Mozilla\Firefox\Profiles\pok8iz8b.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

==== Firefox Plugins ======================


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[21.09.2015 19:58]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[21.09.2015 19:58]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17.01.2012 12:45]

Skype Click to Call - Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=MSSE"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.tsbohemia.cz"
"Search Bar"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search/?q=%s"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.msn.com/?pc=MSSE"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"
{61c49f72-26f7-42d9-975c-cf8787374052} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... Listicka_1"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Bing Url="http://www.bing.com/search?q={searchTer ... DF&pc=MSSE"
{70D46D94-BF1E-45ED-B567-48701376298E} Google Desktop Url="http://127.0.0.1:4664/search&s=uGVaUo9X ... earchTerms}"
{9c2d02fc-788d-463f-8659-715cac8fa06b} Firmy.cz Url="http://www.firmy.cz/phr/{searchTerms}?s ... Listicka_1"
{e21059ec-24b4-4efd-a2c1-e7017aa516b8} Zboží.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... Listicka_1"
{e53ed4c7-cbb3-44aa-b384-0995b53209f8} Seznam Url="http://search.seznam.cz/?q={searchTerms ... Listicka_1"

==== Reset Google Chrome ======================

C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Karel\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Karel\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\Karel\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{52167B0C-FB5D-43E7-BEC5-24EE6BEE2BA0} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteRanker deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZyXEL USB Share Center deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Heli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Karel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Karel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Karel 1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\oem\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Karel\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=51 folders=28 18727335 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Heli\AppData\Local\Temp emptied successfully
C:\Users\Karel\AppData\Local\Temp will be emptied at reboot
C:\Users\Karel 1\AppData\Local\Temp emptied successfully
C:\Users\oem\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\oem\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Heli\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BFDGRQMY\media.novinky.cz" not found
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\cdn1.static.extremetube.phncdn.com" not found
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\cdn1.static.xtube.com" not found
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\cdn1.static.youporn.phncdn.com" not found
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\cfiles.5min.com" not found
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\drtuber.com" not found
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\eu-st.xhcdn.com" not found
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\fbstatic-a.akamaihd.net" not found
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\media.novinky.cz" deleted
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\player.gammae.com" not found
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\ss.phncdn.com" not found
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\static.bz.tour.spartan.contentdef.com" not found
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\static.issuu.com" not found
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\vartuc.com" not found
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\www.drtuber.com" not found
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\www.glasurit.com" not found
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\www.nuvid.com" not found
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\www.performax.cz" not found
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\www.redtube.com" not found
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\www.shemaletubevideos.com" not found
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\www.xmoviles.com" not found
"C:\Users\Karel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NRH7C5L2\www.youshemale.com" not found
"C:\Users\Karel\AppData\Local\Temp\avastBCLTMP" not found
"C:\Users\Karel\AppData\Local\Temp\Low" not found
"C:\Users\Karel\AppData\Local\Temp\Microsoft" not found

==== EOF on po 05.10.2015 at 15:55:42,49 ======================
Nahoru
Jan1233
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 04 zář 2015 17:43

Re: Vytížení hdd na 100%

#13 Příspěvek od Jan1233 »

Bohužel radoval jsem se předčasně :( Problém se po chvíli vrátil.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Vytížení hdd na 100%

#14 Příspěvek od vyosek »

:arrow: Stahnete si TDSSKiller http://media.kaspersky.com/utilities/Vi ... killer.exe
  • Po spusteni odsouhlaste licencni podminky (klik na Accept)
  • Kliknete na volbu Change parametrs
  • V okne Additional Option zakliknete vsechny moznosti
  • Kliknete na OK
  • Utilite prikazte, at skenuje - klik na Start Scan
  • Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
  • Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
  • Pokud mate vsude Skip, kliknete na Continue
  • Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Jan1233
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 04 zář 2015 17:43

Re: Vytížení hdd na 100%

#15 Příspěvek od Jan1233 »

Bohužel se mi zobrazilo okno, ale nebyli v něm žádné možnosti.
Log přesahoval maximální počet znaků, proto ho posílám přílohou přes ulož to.
http://uloz.to/xroyVzrQ/tdsskiller-3-1- ... 14-log-txt soubor
Zasílám pak print screen okna.
Přílohy
Výstřižek.JPG
Výstřižek.JPG (34.81 KiB) Zobrazeno 4321 x
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“