Zpomalený počítač

Zpráva

Diego_Smith · #1 Příspěvek od **Diego_Smith** » 16 lis 2016 16:30

Prosím o kontrolu, mám velmi zpomalený pc, ale prosím o jednoduche rady protože tomu moc nerozumím děkuji.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Diego at 2016-11-16 16:04:49
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (5%) free of 38 GB
Total RAM: 2046 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:04:54, on 16.11.2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ByteFence\ByteFenceService.exe
C:\Program Files\Hi-Rez Studios\HiPatchService.exe
C:\WINDOWS\system32\IProsetMonitor.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\McAfee Security Scan\3.11.334\SSScheduler.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Diego\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Diego.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.search.yahoo.com/yhs/web?hsp ... ndows%2BXP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.search.yahoo.com/yhs/web?hsp ... ndows%2BXP
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {0740f3dd-e1f0-4ec6-8855-04f999d071fa} - (no file)
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Search Assistant BHO - {481f6b47-2ad8-4c6a-8554-a2897e6cf900} - C:\Program Files\DownSpeedTest_dq\bar\1.bin\dqSrcAs.dll
O2 - BHO: Toolbar BHO - {5818cea7-889d-459a-9a75-889e1298a892} - C:\PROGRA~1\DOWNSP~1\bar\1.bin\dqbar.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [WinZip Malware Protector_startup] "C:\Program Files\WinZip Malware Protector\WinZipMalwareProtector.exe" autolaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [ByteFence] "C:\Program Files\ByteFence\ByteFence.exe" /a
O4 - HKUS\S-1-5-18\..\Run: [ByteFence] "C:\Program Files\ByteFence\ByteFence.exe" /a (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ByteFence] "C:\Program Files\ByteFence\ByteFence.exe" /a (User 'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.334\SSScheduler.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ByteFence Anti-Malware Service (ByteFenceService) - Byte Technologies LLC - C:\Program Files\ByteFence\ByteFenceService.exe
O23 - Service: DownSpeedTestService (DownSpeedTest_dqService) - Mindspark - C:\PROGRA~1\DOWNSP~1\bar\1.bin\dqbarsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - C:\WINDOWS\system32\IProsetMonitor.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.334\McCHSvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: ByteFence Security Real-time Protection (rtop) - Unknown owner - C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe

--
End of file - 6545 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\SafeZone scheduled Autoupdate 1468479553.job - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Diego\Data aplikací\Mozilla\Firefox\Profiles\fjmy7zn9.default

prefs.js - "browser.startup.homepage" - "http://hp.myway.com/downspeedtest/ttab0 ... =undefined"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.205 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_205.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1225195.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll

C:\Documents and Settings\Diego\Data aplikací\Mozilla\Firefox\Profiles\fjmy7zn9.default\extensions\
_dqMembers_@www.downspeedtest.com
_dzMembers_@www.pconverter.com
_fsMembers_@free.pdfconverterhq.com

C:\Documents and Settings\Diego\Data aplikací\Mozilla\Firefox\Profiles\fjmy7zn9.default\searchplugins\
yahoo! powered.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{481f6b47-2ad8-4c6a-8554-a2897e6cf900}]
Search Assistant BHO - C:\Program Files\DownSpeedTest_dq\bar\1.bin\dqSrcAs.dll [2015-11-02 145744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5818cea7-889d-459a-9a75-889e1298a892}]
Toolbar BHO - C:\PROGRA~1\DOWNSP~1\bar\1.bin\dqbar.dll [2015-11-02 1021776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-12 716632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-08-09 8900328]
"WinZip Malware Protector_startup"=C:\Program Files\WinZip Malware Protector\WinZipMalwareProtector.exe [2016-05-12 6792944]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-06-21 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-06-21 126976]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Steam"=C:\Program Files\Steam\steam.exe -silent []
"ByteFence"=C:\Program Files\ByteFence\ByteFence.exe [2016-10-05 2168288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.334\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2005-06-21 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.7\ICQ.exe"="C:\Program Files\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Maxthon\Bin\MxUp.exe"="C:\Program Files\Maxthon\Bin\MxUp.exe:*:Enabled:MxUp"
"C:\Program Files\Maxthon\Bin\Maxthon.exe"="C:\Program Files\Maxthon\Bin\Maxthon.exe:*:Enabled:Maxthon"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Java\jre7\bin\java.exe"="C:\Program Files\Java\jre7\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Sportingbet\ParadisePoker.exe"="C:\Sportingbet\ParadisePoker.exe:*:Enabled:ParadisePoker"
"C:\Documents and Settings\Master\Data aplikací\uTorrent\uTorrent.exe"="C:\Documents and Settings\Master\Data aplikací\uTorrent\uTorrent.exe:*:Enabled:µTorrent (Master)"
"C:\Documents and Settings\Master\Counter-Strike 1.6\hl.exe"="C:\Documents and Settings\Master\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\bin\steamwebhelper.exe"="C:\Program Files\Steam\bin\steamwebhelper.exe:*:Enabled:Steam Web Helper"
"C:\Documents and Settings\Diego\Plocha\eminem2\Stranded Multiplayer English\StrandedII.exe"="C:\Documents and Settings\Diego\Plocha\eminem2\Stranded Multiplayer English\StrandedII.exe:*:Disabled:StrandedII"
"C:\Documents and Settings\Diego\Counter-Strike 1.6\hl.exe"="C:\Documents and Settings\Diego\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
"C:\Program Files\Microsoft Games\Halo\halo.exe"="C:\Program Files\Microsoft Games\Halo\halo.exe:*:Enabled:Halo"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.7\ICQ.exe"="C:\Program Files\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======List of files/folders created in the last 1 month======

2016-11-10 18:56:57 ----A---- C:\WINDOWS\d3dx.dat
2016-11-06 21:36:15 ----D---- C:\Documents and Settings\Diego\Data aplikací\WinRAR
2016-10-30 13:07:57 ----D---- C:\Program Files\GameSpy Arcade
2016-10-30 13:07:45 ----D---- C:\Program Files\MSXML 4.0
2016-10-30 12:36:05 ----D---- C:\Documents and Settings\Diego\Data aplikací\OpenOffice
2016-10-30 11:16:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\ByteFence
2016-10-30 11:06:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\{E259273A-681B-ADFC-EEDD-33BE749FB870}
2016-10-30 11:05:41 ----D---- C:\Documents and Settings\Diego\Data aplikací\Nico Mak Computing
2016-10-30 11:04:46 ----HD---- C:\WINDOWS\system32\GroupPolicy
2016-10-30 11:04:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nico Mak Computing
2016-10-30 11:04:29 ----D---- C:\Program Files\WinZip Malware Protector
2016-10-30 11:04:29 ----A---- C:\WINDOWS\system32\wsusnative32.exe
2016-10-30 11:03:58 ----D---- C:\Program Files\ByteFence
2016-10-30 11:03:52 ----D---- C:\Program Files\Offers Olymp
2016-10-28 10:02:08 ----D---- C:\Documents and Settings\Diego\Data aplikací\Seznam.cz
2016-10-28 09:45:40 ----D---- C:\Program Files\Mozilla Firefox
2016-10-28 09:21:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan
2016-10-28 09:21:38 ----D---- C:\Program Files\McAfee Security Scan
2016-10-20 18:26:51 ----D---- C:\Program Files\Common Files\DirectX
2016-10-20 18:13:13 ----D---- C:\Documents and Settings\Diego\Data aplikací\InstalujDownloader

======List of files/folders modified in the last 1 month======

2016-11-16 16:04:52 ----D---- C:\Program Files\trend micro
2016-11-16 15:52:35 ----D---- C:\Documents and Settings\Diego\Data aplikací\vlc
2016-11-16 15:38:01 ----D---- C:\Program Files
2016-11-16 15:23:51 ----SD---- C:\WINDOWS\Tasks
2016-11-16 15:01:47 ----D---- C:\WINDOWS\Temp
2016-11-16 12:29:53 ----D---- C:\Program Files\Hi-Rez Studios
2016-11-15 21:43:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2016-11-15 20:08:17 ----D---- C:\WINDOWS\Prefetch
2016-11-15 18:50:46 ----D---- C:\WINDOWS\system32\CatRoot2
2016-11-15 17:33:57 ----D---- C:\WINDOWS\system32\drivers
2016-11-14 14:03:32 ----SD---- C:\WINDOWS\system32\Microsoft
2016-11-12 20:40:57 ----D---- C:\WINDOWS
2016-11-12 20:24:37 ----RASH---- C:\boot.ini
2016-11-12 20:24:36 ----AC---- C:\WINDOWS\win.ini
2016-11-12 20:24:36 ----A---- C:\WINDOWS\system.ini
2016-10-30 15:06:06 ----D---- C:\WINDOWS\system32
2016-10-30 15:05:56 ----SHD---- C:\WINDOWS\Installer
2016-10-30 15:05:56 ----D---- C:\Config.Msi
2016-10-30 15:00:53 ----HD---- C:\WINDOWS\inf
2016-10-30 13:07:49 ----D---- C:\WINDOWS\WinSxS
2016-10-30 11:16:39 ----D---- C:\WINDOWS\system32\config
2016-10-30 11:16:08 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2016-10-30 11:15:53 ----D---- C:\WINDOWS\system32\Macromed
2016-10-30 11:11:07 ----SD---- C:\Documents and Settings\Diego\Data aplikací\Microsoft
2016-10-30 08:38:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-27 18:19:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avery
2016-10-20 18:26:51 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-07-12 60424]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-08-08 224616]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-11-29 45648]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-07-12 35096]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2016-07-12 64272]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-07-12 816304]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-07-14 438296]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-07-12 34008]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-07-12 91680]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2016-07-12 184592]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2007-11-16 165496]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-06-21 807998]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-05-27 578304]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S0 cercsr6;cercsr6; C:\WINDOWS\system32\drivers\cercsr6.sys [2005-04-06 39904]
S3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2016-07-12 66688]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-09-29 133632]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-07-12 197128]
R2 ByteFenceService;ByteFence Anti-Malware Service; C:\Program Files\ByteFence\ByteFenceService.exe [2016-10-05 145888]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [2016-09-19 9728]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [2013-04-05 121600]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 rtop;ByteFence Security Real-time Protection; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [2016-10-30 254280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 DownSpeedTest_dqService;DownSpeedTestService; C:\PROGRA~1\DOWNSP~1\bar\1.bin\dqbarsvc.exe [2015-11-02 89424]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-04 107848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-30 270016]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-04 107848]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.334\McCHSvc.exe [2016-05-31 239880]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 16 lis 2016 17:00

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Diego_Smith · #3 Příspěvek od **Diego_Smith** » 16 lis 2016 17:18

# AdwCleaner v6.030 - Log soubor vytvořen 16/11/2016 na 17:12:41
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-15.1 [Server]
# Operační systém : Microsoft Windows XP Service Pack 3 (X86)
# Uživatelské jméno : Diego - X
# Beží od : C:\Documents and Settings\Diego\Dokumenty\Stažené soubory\adwcleaner_6.030.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support

***** [ Služby ] *****

SLužba nalezena: DownSpeedTest_dqService
SLužba nalezena: rtop
SLužba nalezena: ByteFenceService

***** [ Adresáře ] *****

Složka nalezena: C:\Program Files\DownSpeedTest_dq
Složka nalezena: C:\Documents and Settings\All Users\Data aplikací\ByteFence
Složka nalezena: C:\Documents and Settings\All Users\Data aplikací\Nico Mak Computing\WinZip Malware Protector
Složka nalezena: C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQNewTab
Složka nalezena: C:\Documents and Settings\All Users\Nabídka Start\Programy\WinZip Malware Protector
Složka nalezena: C:\Program Files\ByteFence
Složka nalezena: C:\Program Files\WinZip Malware Protector
Složka nalezena: C:\Program Files\DownSpeedTest_dq

***** [ Soubory ] *****

Soubor nalezen: C:\Documents and Settings\All Users\Nabídka Start\Programy\HowToRemove.html.lnk

***** [ DLL ] *****

Nebyly nalezeny žádné škodlivé DLL soubory.

***** [ WMI ] *****

Nebyly nalezeny žádné škodlivé klíče.

***** [ Zástupce ] *****

Žádné infikovaný zástupce nenalezen.

***** [ Plánovač úloh ] *****

Žádný nebezpečná úloha nenalezena.

***** [ Registry ] *****

Klíč nalezen: HKU\S-1-5-21-1390067357-2147094087-725345543-1210\Software\DownSpeedTest_dq
Klíč nalezen: HKU\S-1-5-21-1390067357-2147094087-725345543-1210\Software\DownSpeedTest_dq_is1
Klíč nalezen: HKCU\Software\DownSpeedTest_dq
Klíč nalezen: HKCU\Software\DownSpeedTest_dq_is1
Klíč nalezen: HKLM\SOFTWARE\DownSpeedTest_dq
Klíč nalezen: HKLM\SOFTWARE\DownSpeedTest_dq_is1
Klíč nalezen: HKLM\SOFTWARE\Classes\DownSpeedTest_dq.HTMLMenu
Klíč nalezen: HKLM\SOFTWARE\Classes\DownSpeedTest_dq.HTMLMenu.1
Klíč nalezen: HKLM\SOFTWARE\Classes\DownSpeedTest_dq.HTMLPanel
Klíč nalezen: HKLM\SOFTWARE\Classes\DownSpeedTest_dq.HTMLPanel.1
Klíč nalezen: HKLM\SOFTWARE\Classes\DownSpeedTest_dq.PseudoTransparentPlugin
Klíč nalezen: HKLM\SOFTWARE\Classes\DownSpeedTest_dq.PseudoTransparentPlugin.1
Klíč nalezen: HKLM\SOFTWARE\Classes\DownSpeedTest_dq.SettingsPlugin
Klíč nalezen: HKLM\SOFTWARE\Classes\DownSpeedTest_dq.SettingsPlugin.1
Klíč nalezen: HKLM\SOFTWARE\Classes\DownSpeedTest_dq.ToolbarProtector
Klíč nalezen: HKLM\SOFTWARE\Classes\DownSpeedTest_dq.ToolbarProtector.1
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DownSpeedTest_dqbar Uninstall Internet Explorer
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{191e1ff6-1591-48c4-9466-97786f77c59c}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38a47c43-6519-421e-a7c3-ade7b2620300}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{81b4e4a2-5055-4ff0-aafb-4da22e82a029}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{df1dccf9-c65b-4058-b242-9c49915b2b16}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e8afd79b-ec57-4e25-8f7b-e4fc4c6cc1a2}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{07b2ca6f-4265-445d-9ef8-deab736437c1}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{07b2ca6f-4265-445d-9ef8-deab736437c1}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{269dccde-3fc0-40a6-b68f-9b26994b4174}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{269dccde-3fc0-40a6-b68f-9b26994b4174}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{2cea2c56-5de8-4ff3-9749-37b280602a6a}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{2cea2c56-5de8-4ff3-9749-37b280602a6a}
Klíč nalezen: HKLM\SOFTWARE\Classes\DownSpeedTest_dq.PseudoTransparentPlugin.DownSpeedTest_dq.PseudoTransparentPlugin
Klíč nalezen: HKLM\SOFTWARE\Classes\DownSpeedTest_dq.PseudoTransparentPlugin.DownSpeedTest_dq.PseudoTransparentPlugin.1
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{481f6b47-2ad8-4c6a-8554-a2897e6cf900}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{481f6b47-2ad8-4c6a-8554-a2897e6cf900}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{5818cea7-889d-459a-9a75-889e1298a892}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{5818cea7-889d-459a-9a75-889e1298a892}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{74e32eb6-7aa7-4f33-a9b2-dc6a0465c399}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{74e32eb6-7aa7-4f33-a9b2-dc6a0465c399}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{81b4e4a2-5055-4ff0-aafb-4da22e82a029}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{81b4e4a2-5055-4ff0-aafb-4da22e82a029}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{B193B121-E4C0-41AC-96A3-CEA6C6C06FFA}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{B193B121-E4C0-41AC-96A3-CEA6C6C06FFA}
Klíč nalezen: HKLM\SOFTWARE\Classes\DownSpeedTest_dq.HTMLMenu.DownSpeedTest_dq.HTMLMenu
Klíč nalezen: HKLM\SOFTWARE\Classes\DownSpeedTest_dq.HTMLMenu.DownSpeedTest_dq.HTMLMenu.1
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{b533ae56-ea28-440f-ae2b-e0b813c3b8a5}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{b533ae56-ea28-440f-ae2b-e0b813c3b8a5}
Klíč nalezen: HKLM\SOFTWARE\Classes\DownSpeedTest_dq.ToolbarProtector.DownSpeedTest_dq.ToolbarProtector
Klíč nalezen: HKLM\SOFTWARE\Classes\DownSpeedTest_dq.ToolbarProtector.DownSpeedTest_dq.ToolbarProtector.1
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{bcad9ea7-7173-4c4c-a10b-9e725b429dda}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{bcad9ea7-7173-4c4c-a10b-9e725b429dda}
Klíč nalezen: HKLM\SOFTWARE\Classes\DownSpeedTest_dq.SettingsPlugin.DownSpeedTest_dq.SettingsPlugin
Klíč nalezen: HKLM\SOFTWARE\Classes\DownSpeedTest_dq.SettingsPlugin.DownSpeedTest_dq.SettingsPlugin.1
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{c001e666-78b9-4c4b-9d64-37d3564a2feb}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{c001e666-78b9-4c4b-9d64-37d3564a2feb}
Klíč nalezen: HKLM\SOFTWARE\Classes\DownSpeedTest_dq.HTMLPanel.DownSpeedTest_dq.HTMLPanel
Klíč nalezen: HKLM\SOFTWARE\Classes\DownSpeedTest_dq.HTMLPanel.DownSpeedTest_dq.HTMLPanel.1
Klíč nalezen: {0CF338F8-2FFE-48F7-9435-F3ACD7E52F22}
Klíč nalezen: {4113CBE6-2D25-4003-BFDD-996EA30A6D13}
Klíč nalezen: {5335A810-9319-4B24-9728-A080DB9ADDFD}
Klíč nalezen: {5D6A8850-CAAD-437B-85D4-7B9906EE2675}
Klíč nalezen: {64B72870-0439-4769-A7B1-392E889A06F2}
Klíč nalezen: {8B28D8A9-B446-4C20-9398-1E8EA8F1E828}
Klíč nalezen: {FF1DF36C-E7D4-4036-8510-BB533455A901}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{01B4B293-C519-46B6-AB62-22C7BA9D99DB}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{0309E3C3-3C32-4502-9A9B-44B6E6BFC6EF}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{14F31740-A490-4821-9B6F-F0C75E98C930}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{191E1FF6-1591-48C4-9466-97786F77C59C}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{2A531181-0EFE-48C4-BFA6-7E26811D7D63}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{38A47C43-6519-421E-A7C3-ADE7B2620300}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{61073ADC-DD2E-43B1-8759-80684188EBD2}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{6430C9D6-B45D-468E-9F3B-A1BF46921849}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{92C5BA9B-B131-4128-8AB3-300AD6497DE2}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{96677294-8210-418F-97E6-FF077200B211}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{A6E67369-D550-4615-AAA4-EC59FFB18CF0}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{B24D5055-7F1D-458A-8295-41600355DED9}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{CFC3195C-9DEE-4E6E-81A8-15E0E386CA39}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{EEED3DC6-6D95-4392-B9CD-B971FE06A768}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{F3C69F5B-9A6D-4A3F-B30A-AD81A0452998}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{F8CE8CEA-E6B6-448E-9DAB-4C4C35D23431}
Klíč nalezen: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ByteFenceService
Klíč nalezen: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
Klíč nalezen: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{0757C9D8-D8A3-33F5-CEE2-11D09918BA8F}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Klíč nalezen: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Klíč nalezen: HKU\S-1-5-21-1390067357-2147094087-725345543-1210\Software\ByteFence
Klíč nalezen: HKU\S-1-5-21-1390067357-2147094087-725345543-1210\Software\PRODUCTSETUP
Klíč nalezen: HKU\S-1-5-21-1390067357-2147094087-725345543-1210\Software\csastats
Klíč nalezen: HKU\S-1-5-21-1390067357-2147094087-725345543-1210\Software\NICO MAK COMPUTING\WINZIP MALWARE PROTECTOR
Klíč nalezen: HKCU\Software\ByteFence
Klíč nalezen: HKCU\Software\PRODUCTSETUP
Klíč nalezen: HKCU\Software\csastats
Klíč nalezen: HKCU\Software\NICO MAK COMPUTING\WINZIP MALWARE PROTECTOR
Klíč nalezen: HKLM\SOFTWARE\ByteFence
Klíč nalezen: HKLM\SOFTWARE\Reg\Clean
Klíč nalezen: HKLM\SOFTWARE\Mail.Ru
Klíč nalezen: HKLM\SOFTWARE\NICO MAK COMPUTING\WINZIP MALWARE PROTECTOR
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ByteFence
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinZip Malware Protector_is1
Data nalezena: HKU\S-1-5-21-1390067357-2147094087-725345543-1210\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_tchfld_16_4
Data nalezena: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_tchfld_16_43&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dde%26
Data nalezena: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_tchfld_16_43&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dde%26
Data nalezena: HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_tchfld_16_43&param1=1&param2=f%3D2%26b%3DIE%26cc%3Dde%26p
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Data nalezena: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Klíč nalezen: HKCU\Software\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej
Klíč nalezen: HKLM\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej

***** [ Internetové prohlížeče ] *****

Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox báze.
Nebyly nalezeny žádné škodlivé položky prohlížeče Chromium báze.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [11779 Bajtů] - [16/11/2016 17:12:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11854 Bajtů] ##########

#4 Příspěvek od **Rudy** » 16 lis 2016 18:05

Neklikl jste na mazání, ADW nemazal. Zkuste to ještě jednou.

Diego_Smith · #5 Příspěvek od **Diego_Smith** » 16 lis 2016 18:42

# AdwCleaner v6.030 - Log soubor vytvořen 16/11/2016 na 18:34:19
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-15.1 [Server]
# Operační systém : Microsoft Windows XP Service Pack 3 (X86)
# Uživatelské jméno : Diego - X
# Beží od : C:\Documents and Settings\Diego\Dokumenty\Stažené soubory\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support

***** [ Služby ] *****

***** [ Adresáře ] *****

***** [ Soubory ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Zástupce ] *****

***** [ Plánovač úloh ] *****

***** [ Registry ] *****

[-] Klíč smazán:HKLM\SOFTWARE\Reg\Clean
[-] Klíč smazán:HKLM\SOFTWARE\Mail.Ru
[-] Klíč smazán:HKLM\SOFTWARE\NICO MAK COMPUTING\WINZIP MALWARE PROTECTOR
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ByteFence
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinZip Malware Protector_is1
[-] Data obnovena:HKU\S-1-5-21-1390067357-2147094087-725345543-1003\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena:HKU\S-1-5-21-1390067357-2147094087-725345543-1210\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena:HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena:HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data obnovena:HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Klíč smazán:HKCU\Software\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej
[-] Klíč smazán:HKLM\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej

***** [ Prohlížeče ] *****

*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2115 Bajtů] - [16/11/2016 18:34:19]
C:\AdwCleaner\AdwCleaner[S0].txt - [11935 Bajtů] - [16/11/2016 17:12:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [5557 Bajtů] - [16/11/2016 18:20:26]
C:\AdwCleaner\AdwCleaner[S2].txt - [3337 Bajtů] - [16/11/2016 18:33:00]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2412 Bajtů] ##########

#6 Příspěvek od **Rudy** » 16 lis 2016 19:29

Teď je to OK. Dejte nový log RSIT.

Diego_Smith · #7 Příspěvek od **Diego_Smith** » 16 lis 2016 19:48

Logfile of random's system information tool 1.10 (written by random/random)
Run by Diego at 2016-11-16 19:47:29
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (7%) free of 38 GB
Total RAM: 2046 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:47:35, on 16.11.2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hi-Rez Studios\HiPatchService.exe
C:\WINDOWS\system32\IProsetMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\McAfee Security Scan\3.11.334\SSScheduler.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Diego\Dokumenty\Stažené soubory\RSIT(2).exe
C:\Program Files\trend micro\Diego.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {0740f3dd-e1f0-4ec6-8855-04f999d071fa} - (no file)
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Search Assistant BHO - {481f6b47-2ad8-4c6a-8554-a2897e6cf900} - C:\Program Files\DownSpeedTest_dq\bar\1.bin\dqSrcAs.dll (file missing)
O2 - BHO: Toolbar BHO - {5818cea7-889d-459a-9a75-889e1298a892} - C:\PROGRA~1\DOWNSP~1\bar\1.bin\dqbar.dll (file missing)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [WinZip Malware Protector_startup] "C:\Program Files\WinZip Malware Protector\WinZipMalwareProtector.exe" autolaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [ByteFence] "C:\Program Files\ByteFence\ByteFence.exe" /a
O4 - HKUS\S-1-5-18\..\Run: [ByteFence] "C:\Program Files\ByteFence\ByteFence.exe" /a (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ByteFence] "C:\Program Files\ByteFence\ByteFence.exe" /a (User 'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.334\SSScheduler.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - C:\WINDOWS\system32\IProsetMonitor.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.334\McCHSvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

--
End of file - 4918 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\SafeZone scheduled Autoupdate 1468479553.job - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Diego\Data aplikací\Mozilla\Firefox\Profiles\fjmy7zn9.default

prefs.js - "browser.startup.homepage" - "http://hp.myway.com/downspeedtest/ttab0 ... =undefined"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.205 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_205.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1225195.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll

C:\Documents and Settings\Diego\Data aplikací\Mozilla\Firefox\Profiles\fjmy7zn9.default\extensions\
_dqMembers_@www.downspeedtest.com
_dzMembers_@www.pconverter.com
_fsMembers_@free.pdfconverterhq.com

C:\Documents and Settings\Diego\Data aplikací\Mozilla\Firefox\Profiles\fjmy7zn9.default\searchplugins\
yahoo! powered.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{481f6b47-2ad8-4c6a-8554-a2897e6cf900}]
Search Assistant BHO - C:\Program Files\DownSpeedTest_dq\bar\1.bin\dqSrcAs.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5818cea7-889d-459a-9a75-889e1298a892}]
Toolbar BHO - C:\PROGRA~1\DOWNSP~1\bar\1.bin\dqbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-12 716632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-08-09 8900328]
"WinZip Malware Protector_startup"=C:\Program Files\WinZip Malware Protector\WinZipMalwareProtector.exe autolaunch []
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-06-21 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-06-21 126976]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Steam"=C:\Program Files\Steam\steam.exe -silent []
"ByteFence"=C:\Program Files\ByteFence\ByteFence.exe /a []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.334\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2005-06-21 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.7\ICQ.exe"="C:\Program Files\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Maxthon\Bin\MxUp.exe"="C:\Program Files\Maxthon\Bin\MxUp.exe:*:Enabled:MxUp"
"C:\Program Files\Maxthon\Bin\Maxthon.exe"="C:\Program Files\Maxthon\Bin\Maxthon.exe:*:Enabled:Maxthon"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Java\jre7\bin\java.exe"="C:\Program Files\Java\jre7\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Sportingbet\ParadisePoker.exe"="C:\Sportingbet\ParadisePoker.exe:*:Enabled:ParadisePoker"
"C:\Documents and Settings\Master\Data aplikací\uTorrent\uTorrent.exe"="C:\Documents and Settings\Master\Data aplikací\uTorrent\uTorrent.exe:*:Enabled:µTorrent (Master)"
"C:\Documents and Settings\Master\Counter-Strike 1.6\hl.exe"="C:\Documents and Settings\Master\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\bin\steamwebhelper.exe"="C:\Program Files\Steam\bin\steamwebhelper.exe:*:Enabled:Steam Web Helper"
"C:\Documents and Settings\Diego\Plocha\eminem2\Stranded Multiplayer English\StrandedII.exe"="C:\Documents and Settings\Diego\Plocha\eminem2\Stranded Multiplayer English\StrandedII.exe:*:Disabled:StrandedII"
"C:\Documents and Settings\Diego\Counter-Strike 1.6\hl.exe"="C:\Documents and Settings\Diego\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
"C:\Program Files\Microsoft Games\Halo\halo.exe"="C:\Program Files\Microsoft Games\Halo\halo.exe:*:Enabled:Halo"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.7\ICQ.exe"="C:\Program Files\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======List of files/folders created in the last 1 month======

2016-11-16 17:10:30 ----DC---- C:\AdwCleaner
2016-11-10 18:56:57 ----A---- C:\WINDOWS\d3dx.dat
2016-11-06 21:36:15 ----D---- C:\Documents and Settings\Diego\Data aplikací\WinRAR
2016-10-30 13:07:57 ----D---- C:\Program Files\GameSpy Arcade
2016-10-30 13:07:45 ----D---- C:\Program Files\MSXML 4.0
2016-10-30 12:36:05 ----D---- C:\Documents and Settings\Diego\Data aplikací\OpenOffice
2016-10-30 11:06:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\{E259273A-681B-ADFC-EEDD-33BE749FB870}
2016-10-30 11:05:41 ----D---- C:\Documents and Settings\Diego\Data aplikací\Nico Mak Computing
2016-10-30 11:04:46 ----HD---- C:\WINDOWS\system32\GroupPolicy
2016-10-30 11:04:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nico Mak Computing
2016-10-30 11:04:29 ----A---- C:\WINDOWS\system32\wsusnative32.exe
2016-10-30 11:03:52 ----D---- C:\Program Files\Offers Olymp
2016-10-28 10:02:08 ----D---- C:\Documents and Settings\Diego\Data aplikací\Seznam.cz
2016-10-28 09:45:40 ----D---- C:\Program Files\Mozilla Firefox
2016-10-28 09:21:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan
2016-10-28 09:21:38 ----D---- C:\Program Files\McAfee Security Scan
2016-10-20 18:26:51 ----D---- C:\Program Files\Common Files\DirectX
2016-10-20 18:13:13 ----D---- C:\Documents and Settings\Diego\Data aplikací\InstalujDownloader

======List of files/folders modified in the last 1 month======

2016-11-16 19:47:34 ----D---- C:\Program Files\trend micro
2016-11-16 18:44:28 ----D---- C:\Program Files
2016-11-16 18:37:02 ----D---- C:\WINDOWS\Temp
2016-11-16 18:36:29 ----D---- C:\Program Files\Hi-Rez Studios
2016-11-16 18:35:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2016-11-16 18:15:11 ----D---- C:\WINDOWS\system32\CatRoot2
2016-11-16 17:40:23 ----D---- C:\WINDOWS\system32\drivers
2016-11-16 17:23:52 ----D---- C:\WINDOWS\Prefetch
2016-11-16 17:23:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2016-11-16 15:52:35 ----D---- C:\Documents and Settings\Diego\Data aplikací\vlc
2016-11-16 15:23:51 ----SD---- C:\WINDOWS\Tasks
2016-11-14 14:03:32 ----SD---- C:\WINDOWS\system32\Microsoft
2016-11-12 20:40:57 ----D---- C:\WINDOWS
2016-11-12 20:24:37 ----RASH---- C:\boot.ini
2016-11-12 20:24:36 ----AC---- C:\WINDOWS\win.ini
2016-11-12 20:24:36 ----A---- C:\WINDOWS\system.ini
2016-10-30 15:06:06 ----D---- C:\WINDOWS\system32
2016-10-30 15:05:56 ----SHD---- C:\WINDOWS\Installer
2016-10-30 15:05:56 ----D---- C:\Config.Msi
2016-10-30 15:00:53 ----HD---- C:\WINDOWS\inf
2016-10-30 13:07:49 ----D---- C:\WINDOWS\WinSxS
2016-10-30 11:16:39 ----D---- C:\WINDOWS\system32\config
2016-10-30 11:16:08 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2016-10-30 11:15:53 ----D---- C:\WINDOWS\system32\Macromed
2016-10-30 11:11:07 ----SD---- C:\Documents and Settings\Diego\Data aplikací\Microsoft
2016-10-30 08:38:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-27 18:19:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avery
2016-10-20 18:26:51 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-07-12 60424]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-08-08 224616]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-11-29 45648]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-07-12 35096]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2016-07-12 64272]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-07-12 816304]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-07-14 438296]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-07-12 34008]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-07-12 91680]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2016-07-12 184592]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2007-11-16 165496]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-06-21 807998]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-05-27 578304]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S0 cercsr6;cercsr6; C:\WINDOWS\system32\drivers\cercsr6.sys [2005-04-06 39904]
S3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2016-07-12 66688]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-09-29 133632]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-07-12 197128]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [2016-09-19 9728]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [2013-04-05 121600]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-04 107848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-30 270016]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-04 107848]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.334\McCHSvc.exe [2016-05-31 239880]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#8 Příspěvek od **Rudy** » 16 lis 2016 20:14

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files\DownSpeedTest_dq
C:\Program Files\McAfee Security Scan
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{481f6b47-2ad8-4c6a-8554-a2897e6cf900}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5818cea7-889d-459a-9a75-889e1298a892}]

:services
McComponentHostService

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

Diego_Smith · #9 Příspěvek od **Diego_Smith** » 16 lis 2016 21:30

All processes killed
========== FILES ==========
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File/Folder C:\Program Files\DownSpeedTest_dq not found.
C:\Program Files\McAfee Security Scan\3.11.334\sacoredata folder moved successfully.
C:\Program Files\McAfee Security Scan\3.11.334 folder moved successfully.
C:\Program Files\McAfee Security Scan folder moved successfully.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{481f6b47-2ad8-4c6a-8554-a2897e6cf900}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{481f6b47-2ad8-4c6a-8554-a2897e6cf900}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5818cea7-889d-459a-9a75-889e1298a892}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5818cea7-889d-459a-9a75-889e1298a892}\ deleted successfully.
========== SERVICES/DRIVERS ==========
Service McComponentHostService stopped successfully!
Service McComponentHostService deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Diego
->Temp folder emptied: 33866184 bytes
->Temporary Internet Files folder emptied: 16202950 bytes
->FireFox cache emptied: 261032270 bytes
->Google Chrome cache emptied: 10653111 bytes
->Flash cache emptied: 5753 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 10195802 bytes

User: Master
->Temp folder emptied: 5015873 bytes
->Temporary Internet Files folder emptied: 6539131 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 115045295 bytes
->Google Chrome cache emptied: 22292288 bytes
->Flash cache emptied: 844 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 613206 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 5484 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 30350365 bytes

Total Files Cleaned = 488,00 mb

[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: Diego
->Flash cache emptied: 0 bytes

User: LocalService

User: Master
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

OTM by OldTimer - Version 3.1.21.0 log created on 11162016_205000

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20160714085811.log scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20160714085913.log scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#10 Příspěvek od **Rudy** » 16 lis 2016 22:28

Kolik máte teď po mazání volného místa na systémovém disku? Mělo by tam být minimálně 5GB, aby systém mohl být normálně funkční. Pokud tam nejsou, přesuňte některá svá data na jiné úložiště. Jinak smazáno.

VIRY.CZ

Zpomalený počítač

Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač