Please check my log. Thank you

Posted: 11 Mar 2013 12:36
by daymaker
Logfile of random's system information tool 1.06 (written by random/random)
Run by Marek at 2013-03-11 12:34:22
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 6 GB (2%) free of 297 GB
Total RAM: 3582 MB (62% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HP Photo Creations Messager.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GrooveShellExtensions.dll [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-02-28 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 599680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-02-28 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-07-17 691656]
{2C688203-7EB3-4327-9995-1CB417BA23F9}
{91da5e8a-3318-4f8c-b67e-5964de3ab546} - ZoneAlarm Security Toolbar - C:\Program Files\ZoneAlarm_Security\tbZone.dll [2010-12-01 2735200]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 599680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-03-26 5369856]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-07-12 178712]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2005-03-17 57393]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2005-03-17 40960]
"NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"B2C_AGENT"=C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2010-08-23 329656]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"WinampAgent"=C:\newprogramfiles\Winamp\winampa.exe [2010-07-12 74752]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888]
"iTunesHelper"=C:\newprogramfiles\itunes\iTunesHelper.exe [2010-09-24 421160]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2011-11-03 738944]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2011-11-09 73360]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-02-13 310128]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2012-07-18 348664]
""= []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"Advanced SystemCare 5"=C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [2011-12-29 620376]
"SmartRAM"=C:\Program Files\IObit\Advanced SystemCare 5\Suo10_SmartRAM.exe [2011-12-31 421208]
"BitTorrent DNA"=C:\Users\Marek\Program Files\DNA\btdna.exe [2009-11-07 323392]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-02-13 844144]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18705664]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-02-13 1509232]
""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-02-13 844144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GrooveShellExtensions.dll [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b9c6750-693f-11dd-bee7-001fc62ac679}]
shell\AutoRun\command - J:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4e35de59-ea27-11dd-bce2-806e6f6e6963}]
shell\AutoRun\command - E:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4e35de6c-ea27-11dd-bce2-001fc62ac679}]
shell\AutoRun\command - J:\SETUP.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83e767bd-3800-11df-9e91-001fc62ac679}]
shell\AutoRun\command - K:\USBAutoRun.exe


======List of files/folders created in the last 1 months======

2013-03-11 12:22:31 ----D---- C:\Windows\LastGood
2013-02-28 12:15:45 ----A---- C:\Windows\system32\javaws.exe
2013-02-28 12:15:36 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-02-28 12:15:36 ----A---- C:\Windows\system32\javaw.exe
2013-02-28 12:15:36 ----A---- C:\Windows\system32\java.exe
2013-02-25 12:14:41 ----D---- C:\Program Files\MyFree Codec
2013-02-25 12:08:25 ----A---- C:\Windows\system32\FsUsbExService.Exe
2013-02-25 12:08:25 ----A---- C:\Windows\system32\FsUsbExDevice.Dll
2013-02-14 08:20:51 ----A---- C:\Windows\system32\urlmon.dll
2013-02-14 08:20:51 ----A---- C:\Windows\system32\mshtmled.dll
2013-02-14 08:20:51 ----A---- C:\Windows\system32\mshtml.dll
2013-02-14 08:20:51 ----A---- C:\Windows\system32\ieframe.dll
2013-02-14 08:20:50 ----A---- C:\Windows\system32\wininet.dll
2013-02-14 08:20:50 ----A---- C:\Windows\system32\url.dll
2013-02-14 08:20:50 ----A---- C:\Windows\system32\mstime.dll
2013-02-14 08:20:50 ----A---- C:\Windows\system32\msfeeds.dll
2013-02-14 08:20:50 ----A---- C:\Windows\system32\jsproxy.dll
2013-02-14 08:20:50 ----A---- C:\Windows\system32\ieui.dll
2013-02-14 08:20:50 ----A---- C:\Windows\system32\iertutil.dll
2013-02-14 08:20:50 ----A---- C:\Windows\system32\iepeers.dll
2013-02-14 08:20:50 ----A---- C:\Windows\system32\ieapfltr.dll
2013-02-14 08:20:49 ----A---- C:\Windows\system32\quartz.dll
2013-02-14 08:20:47 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-02-14 08:20:47 ----A---- C:\Windows\system32\ntkrnlpa.exe

======List of files/folders modified in the last 1 months======

2013-03-11 12:34:28 ----D---- C:\Windows\Temp
2013-03-11 12:34:28 ----D---- C:\Program Files\trend micro
2013-03-11 12:34:25 ----D---- C:\Users\Marek\AppData\Roaming\DNA
2013-03-11 12:22:38 ----SHD---- C:\System Volume Information
2013-03-11 12:22:31 ----D---- C:\Windows\system32\catroot
2013-03-11 12:22:31 ----D---- C:\Windows\inf
2013-03-11 12:22:31 ----D---- C:\Windows
2013-03-11 12:13:23 ----D---- C:\Windows\system32\Tasks
2013-03-11 12:12:47 ----D---- C:\ProgramData\NVIDIA
2013-03-11 11:34:41 ----D---- C:\Users\Marek\AppData\Roaming\Skype
2013-03-11 10:17:10 ----D---- C:\Windows\Tasks
2013-03-11 10:17:09 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-03-03 09:23:41 ----D---- C:\ProgramData\VideoViewer
2013-03-02 13:26:09 ----D---- C:\Windows\Prefetch
2013-02-28 12:15:55 ----SHD---- C:\Windows\Installer
2013-02-28 12:15:55 ----SHD---- C:\Config.Msi
2013-02-28 12:15:55 ----D---- C:\Program Files\Common Files\Java
2013-02-28 12:15:45 ----D---- C:\Windows\System32
2013-02-28 12:15:25 ----A---- C:\Windows\system32\npdeployJava1.dll
2013-02-28 12:15:25 ----A---- C:\Windows\system32\deployJava1.dll
2013-02-28 12:15:20 ----D---- C:\Program Files\Java
2013-02-25 16:00:06 ----RSD---- C:\Windows\assembly
2013-02-25 16:00:06 ----D---- C:\Windows\Microsoft.NET
2013-02-25 12:15:57 ----D---- C:\Windows\system32\drivers
2013-02-25 12:14:41 ----RD---- C:\Program Files
2013-02-25 12:12:57 ----D---- C:\Windows\system32\catroot2
2013-02-24 08:38:31 ----D---- C:\Program Files\Origin
2013-02-19 19:18:33 ----D---- C:\Windows\Debug
2013-02-19 19:17:34 ----D---- C:\Program Files\CCleaner
2013-02-18 12:30:17 ----D---- C:\Windows\system32\migration
2013-02-18 12:30:17 ----D---- C:\Program Files\Internet Explorer
2013-02-14 21:50:09 ----A---- C:\Windows\system32\mrt.exe
2013-02-14 21:49:47 ----D---- C:\Windows\winsxs
2013-02-14 21:47:15 ----A---- C:\Windows\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-07-18 137928]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2012-07-18 36000]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-07-18 83392]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2011-11-03 27016]
R2 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2011-05-07 451160]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2013-02-05 37344]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture; C:\Windows\system32\drivers\HCW85BDA.sys [2008-03-19 1176064]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-03-26 2103512]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2012-07-03 149352]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-10-02 10837352]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2008-08-25 47360]
R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-10-03 99840]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 a3mrwdov;a3mrwdov; C:\Windows\system32\drivers\a3mrwdov.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-01-31 83168]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 hidkmdf;Filter Driver Service for HID-KMDF Interface layer; C:\Windows\system32\DRIVERS\hidkmdf.sys [2012-02-15 9664]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-02-04 15232]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 Ser2pl;Prolific2 Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2005-11-04 48640]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-10-27 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-10-27 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-10-27 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-10-27 114280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-01-31 181344]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 vhidmini;VJoy Virtual Joystick; C:\Windows\system32\DRIVERS\vjoy.sys [2009-10-06 11168]
S3 vjoy;vJoy Device; C:\Windows\system32\DRIVERS\vjoy.sys [2009-10-06 11168]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-29 497496]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2012-07-18 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2012-07-18 86224]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2013-02-05 233472]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-19 65536]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-07-12 354840]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2011-11-03 497280]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2012-09-21 1737728]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-11-19 79136]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 645992]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-02 1258856]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-07-23 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2010-07-23 107832]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-12-18 1044808]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2011-11-09 2420616]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-24 820008]
R3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c98d36ee05a985;Služba Google Update (gupdate1c98d36ee05a985); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-12 133104]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-12 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]

-----------------EOF-----------------

Re: Please check my log. Thank you

Posted: 11 Mar 2013 13:31
by vyosek
Hello :)

:arrow: Uninstall Advanced SystemCare 5 and then everything else from IOBit as well - it is Chinese junk and does more harm than good. They look for nonsensical and non-existent problems, and they stole their malware database from another reputable company

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Search
  • A scan will run and then a log will appear; it may also be saved on the system drive as AdwCleaner[R?].txt. Paste it here
:arrow: Plug all USB sticks (flash drives, external disks, etc.) into the PC

Re: Please check my log. Thank you

Posted: 12 Mar 2013 13:02
by daymaker
log from AdwCleaner

# AdwCleaner v2.114 - Logfile created 03/12/2013 at 13:01:24
# Updated 05/03/2013 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# User : Marek - MAREK-PC
# Boot Mode : Normal
# Running from : C:\Users\Marek\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\nfq0j01v.default\searchplugins\icqplugin.xml
File Found : C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\nfq0j01v.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\nfq0j01v.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\nfq0j01v.default\searchplugins\icqplugin-3.xml
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\DAEMON Tools Toolbar
Folder Found : C:\Program Files\Trymedia
Folder Found : C:\ProgramData\ICQ\ICQToolbar
Folder Found : C:\Users\Marek\AppData\LocalLow\Conduit
Folder Found : C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\nfq0j01v.default\Conduit
Folder Found : C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\nfq0j01v.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Found : C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\nfq0j01v.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Found : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Found : HKLM\SOFTWARE\Classes\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKU\S-1-5-21-3280843659-960139286-2346093338-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-3280843659-960139286-2346093338-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6002.18005

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.icq.com/
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v13.0.1 (cs)

File : C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\nfq0j01v.default\prefs.js

Found : user_pref("CT2645238.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2645238.CTID", "ct2645238");
Found : user_pref("CT2645238.CurrentServerDate", "18-2-2011");
Found : user_pref("CT2645238.DialogsAlignMode", "LTR");
Found : user_pref("CT2645238.DownloadReferralCookieData", "");
Found : user_pref("CT2645238.EMailNotifierPollDate", "Fri Feb 18 2011 13:18:04 GMT+0100");
Found : user_pref("CT2645238.FirstServerDate", "18-2-2011");
Found : user_pref("CT2645238.FirstTime", true);
Found : user_pref("CT2645238.FirstTimeFF3", true);
Found : user_pref("CT2645238.FirstTimeSettingsDone", true);
Found : user_pref("CT2645238.FixPageNotFoundErrors", true);
Found : user_pref("CT2645238.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2645238.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2645238.Initialize", true);
Found : user_pref("CT2645238.InitializeCommonPrefs", true);
Found : user_pref("CT2645238.InstallationAndCookieDataSentCount", 2);
Found : user_pref("CT2645238.InstallationType", "UnknownIntegration");
Found : user_pref("CT2645238.InstalledDate", "Fri Feb 18 2011 13:17:50 GMT+0100");
Found : user_pref("CT2645238.IsGrouping", false);
Found : user_pref("CT2645238.IsOpenThankYouPage", false);
Found : user_pref("CT2645238.IsOpenUninstallPage", true);
Found : user_pref("CT2645238.LanguagePackLastCheckTime", "Fri Feb 18 2011 13:18:06 GMT+0100");
Found : user_pref("CT2645238.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2645238.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2645238.LastLogin_2.6.0.15", "Fri Feb 18 2011 13:18:02 GMT+0100");
Found : user_pref("CT2645238.LatestVersion", "2.6.0.15");
Found : user_pref("CT2645238.Locale", "en");
Found : user_pref("CT2645238.LoginCache", 4);
Found : user_pref("CT2645238.MCDetectTooltipHeight", "83");
Found : user_pref("CT2645238.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2645238.MCDetectTooltipWidth", "295");
Found : user_pref("CT2645238.SHRINK_TOOLBAR", 1);
Found : user_pref("CT2645238.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2645238.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2645238.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT264[...]
Found : user_pref("CT2645238.SearchInNewTabEnabled", true);
Found : user_pref("CT2645238.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2645238.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2645238.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2645238.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2645238.SettingsLastCheckTime", "Fri Feb 18 2011 13:17:49 GMT+0100");
Found : user_pref("CT2645238.SettingsLastUpdate", "1297883733");
Found : user_pref("CT2645238.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2645238.ThirdPartyComponentsLastCheck", "Fri Feb 18 2011 13:17:47 GMT+0100");
Found : user_pref("CT2645238.ThirdPartyComponentsLastUpdate", "1246790578");
Found : user_pref("CT2645238.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
Found : user_pref("CT2645238.UserID", "UN34920240032640293");
Found : user_pref("CT2645238.alertChannelId", "1037922");
Found : user_pref("CT2645238.clientLogIsEnabled", true);
Found : user_pref("CT2645238.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2645238.components.1000082", false);
Found : user_pref("CT2645238.components.1000234", false);
Found : user_pref("CT2645238.ct2645238.DialogsAlignMode", "LTR");
Found : user_pref("CT2645238.ct2645238.FirstTimeSettingsDone", true);
Found : user_pref("CT2645238.ct2645238.LanguagePackLastCheckTime", "Fri Feb 18 2011 13:18:06 GMT+0100");
Found : user_pref("CT2645238.ct2645238.Locale", "en");
Found : user_pref("CT2645238.ct2645238.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_[...]
Found : user_pref("CT2645238.ct2645238.SearchInNewTabLastCheckTime", "Fri Feb 18 2011 13:18:02 GMT+0100");
Found : user_pref("CT2645238.ct2645238.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2645238.ct2645238.SettingsLastCheckTime", "Fri Feb 18 2011 13:18:02 GMT+0100");
Found : user_pref("CT2645238.ct2645238.SettingsLastUpdate", "1297883733");
Found : user_pref("CT2645238.ct2645238.ThirdPartyComponentsLastCheck", "Fri Feb 18 2011 13:18:02 GMT+0100");
Found : user_pref("CT2645238.ct2645238.ThirdPartyComponentsLastUpdate", "1246790578");
Found : user_pref("CT2645238.myStuffEnabled", true);
Found : user_pref("CT2645238.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2645238.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2645238.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2645238.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2645238.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2645238");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2645238");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Fri Feb 18 2011 13:18:04 GMT+0100");
Found : user_pref("icqtoolbar.allowSendURL", false);
Found : user_pref("icqtoolbar.defSearchChange", true);
Found : user_pref("icqtoolbar.engineVerified", true);
Found : user_pref("icqtoolbar.facebookSmilesAddonShowedPopup", true);
Found : user_pref("icqtoolbar.firstTbRun", false);
Found : user_pref("icqtoolbar.geolastmodified", 1362937520);
Found : user_pref("icqtoolbar.history", "ko%C5%A1nar%20mont%C3%A1%C5%BEe%20s.r.o.||ko%C5%A1nar%20mark%C3%ADz[...]
Found : user_pref("icqtoolbar.hpChange", true);
Found : user_pref("icqtoolbar.icqgeo", 42);
Found : user_pref("icqtoolbar.installTime", "1343312516");
Found : user_pref("icqtoolbar.installsource", "1");
Found : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Found : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Found : user_pref("icqtoolbar.newtab_state", "1");
Found : user_pref("icqtoolbar.numberOfSearches", 0);
Found : user_pref("icqtoolbar.previousFFVersion", "16.0.2");
Found : user_pref("icqtoolbar.skip_default_search", "no");
Found : user_pref("icqtoolbar.suggestions", false);
Found : user_pref("icqtoolbar.uniqueID", "123721218012372121801237228838313");
Found : user_pref("icqtoolbar.usageStatstTimestamp", 1363025908);
Found : user_pref("icqtoolbar.userEngineApproved", true);
Found : user_pref("icqtoolbar.userHpApproved", true);
Found : user_pref("icqtoolbar.version", "1.5.3");
Found : user_pref("icqtoolbar.voucherHideClicks", 0);
Found : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Found : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Found : user_pref("icqtoolbar.voucherWasShown", 0);
Found : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Found : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Found : user_pref("icqtoolbar.xmlLanguage", "cs");
Found : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=");

*************************

AdwCleaner[R1].txt - [12449 octets] - [12/03/2013 13:01:24]

########## EOF - C:\AdwCleaner[R1].txt - [12510 octets] ##########

Re: Please check my log. Thank you

Posted: 12 Mar 2013 13:12
by vyosek
:arrow: Run AdwCleaner again
  • If you use Win Vista or W7, right-click AdwCleaner and choose Run As Administrator (Spustit jako správce)
  • Click Delete
  • The PC will perform the repair, restart, and give you a log (C:\AdwCleaner [S1].txt); paste its contents here

Re: Please check my log. Thank you

Posted: 12 Mar 2013 13:16
by daymaker
Log from UsbFix... I only plug in a flash drive or a mobile phone... this one is with the flash drive

############################## | UsbFix V 7.096 | [Deletion]

User: Marek (Administrator) # MAREK-PC
Updated 15/08/2012 by El Desaparecido
Started at 13:08:19 | 12/03/2013

Website: http://eldesaparecido.com
Forum: http://forum.eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.php
Contact: contact@eldesaparecido.com

PC: HP-Pavilion (KN449AA-AKB a6430.cs) (X86-based PC) # Desktop Computer
CPU: Intel(R) Core(TM)2 Duo CPU E4600 @ 2.40GHz (2400)
RAM -> [Total : 3582 | Free : 2174]
BIOS: BIOS Date: 04/21/08 11:00:40 Ver: 5.23
BOOT: Normal boot

OS: Microsoft® Windows Vista™ Home Premium (6.0.6002 32-Bit) # Service Pack 2
WB: Windows Internet Explorer 7.0.6002.18005

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Lavasoft Ad-Watch Live! Anti-Virus [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 290 Gb (9 Mb free - 3%) [HP] # NTFS
D:\ -> Fixed drive # 8 Gb (2 Mb free - 20%) [FACTORY_IMAGE] # NTFS
E:\ -> CD-ROM
J:\ -> CD-ROM
K:\ -> Removable drive # 7 Gb (2 Mb free - 22%) [Transcend] # FAT32

################## | Active Processes |

C:\Windows\system32\csrss.exe (652)
C:\Windows\system32\wininit.exe (708)
C:\Windows\system32\csrss.exe (716)
C:\Windows\system32\services.exe (752)
C:\Windows\system32\lsass.exe (776)
C:\Windows\system32\lsm.exe (784)
C:\Windows\system32\winlogon.exe (892)
C:\Windows\system32\svchost.exe (964)
C:\Windows\system32\nvvsvc.exe (1044)
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (1056)
C:\Windows\system32\svchost.exe (1092)
C:\Windows\System32\svchost.exe (1224)
C:\Windows\System32\svchost.exe (1272)
C:\Windows\system32\svchost.exe (1284)
C:\Windows\system32\SLsvc.exe (1432)
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (1488)
C:\Windows\system32\nvvsvc.exe (1504)
C:\Windows\system32\svchost.exe (1536)
C:\Windows\system32\Dwm.exe (1868)
C:\Windows\Explorer.EXE (1920)
C:\Windows\system32\svchost.exe (1960)
C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (124)
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (720)
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (952)
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (1200)
C:\Windows\System32\spoolsv.exe (1952)
C:\Windows\system32\taskeng.exe (2016)
C:\Program Files\Avira\AntiVir Desktop\sched.exe (1936)
C:\Windows\system32\svchost.exe (772)
C:\Windows\system32\taskeng.exe (2280)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (2356)
C:\Program Files\Avira\AntiVir Desktop\avguard.exe (2428)
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (2464)
C:\Program Files\Bonjour\mDNSResponder.exe (2484)
C:\Windows\system32\FsUsbExService.Exe (2512)
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (2564)
c:\Program Files\Common Files\LightScribe\LSSrvc.exe (2640)
C:\Windows\system32\PnkBstrA.exe (2684)
C:\Windows\system32\PnkBstrB.exe (2704)
C:\Windows\system32\svchost.exe (2776)
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (2824)
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (2984)
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (3228)
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (3536)
C:\Windows\system32\wbem\unsecapp.exe (3644)
C:\Windows\system32\wbem\wmiprvse.exe (3812)
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (3980)
C:\Windows\RtHDVCpl.exe (3064)
C:\hp\support\hpsysdrv.exe (2736)
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (1664)
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (1724)
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (1440)
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (1364)
C:\Program Files\HP\HP Software Update\hpwuschd2.exe (1208)
C:\newprogramfiles\Winamp\winampa.exe (404)
C:\newprogramfiles\itunes\iTunesHelper.exe (3616)
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (3880)
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (3600)
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (3752)
C:\Windows\ehome\ehtray.exe (2248)
C:\Windows\ehome\ehmsas.exe (2800)
C:\Users\Marek\Program Files\DNA\btdna.exe (904)
C:\Program Files\Samsung\Kies\Kies.exe (2336)
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (1908)
C:\Windows\system32\svchost.exe (1476)
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (2156)
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (1352)
C:\Program Files\iPod\bin\iPodService.exe (4364)
C:\hp\kbd\kbd.exe (4752)
C:\Windows\system32\NOTEPAD.EXE (5416)
C:\newprogramfiles\firefox\firefox.exe (3320)
C:\Windows\system32\taskeng.exe (4412)
C:\UsbFix\Go.exe (4816)
C:\Windows\system32\wbem\wmiprvse.exe (6008)
C:\Windows\System32\mobsync.exe (3924)

################## | Stopped processes |

Stopped! C:\Windows\system32\nvvsvc.exe (1044)
Stopped! C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (1056)
Stopped! C:\Windows\system32\SLsvc.exe (1432)
Stopped! C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (1488)
Stopped! C:\Windows\system32\nvvsvc.exe (1504)
Stopped! C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (124)
Stopped! C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (720)
Stopped! C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (952)
Stopped! C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (1200)
Stopped! C:\Windows\System32\spoolsv.exe (1952)
Stopped! C:\Windows\system32\taskeng.exe (2016)
Stopped! C:\Program Files\Avira\AntiVir Desktop\sched.exe (1936)
Stopped! C:\Windows\system32\taskeng.exe (2280)
Stopped! C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (2356)
Stopped! C:\Program Files\Avira\AntiVir Desktop\avguard.exe (2428)
Stopped! C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (2464)
Stopped! C:\Program Files\Bonjour\mDNSResponder.exe (2484)
Stopped! C:\Windows\system32\FsUsbExService.Exe (2512)
Stopped! C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (2564)
Stopped! c:\Program Files\Common Files\LightScribe\LSSrvc.exe (2640)
Stopped! C:\Windows\system32\PnkBstrA.exe (2684)
Stopped! C:\Windows\system32\PnkBstrB.exe (2704)
Stopped! C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (2824)
Stopped! C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (2984)
Stopped! C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (3228)
Stopped! C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (3536)
Stopped! C:\Windows\RtHDVCpl.exe (3064)
Stopped! C:\hp\support\hpsysdrv.exe (2736)
Stopped! C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (1664)
Stopped! C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (1724)
Stopped! C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (1440)
Stopped! C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (1364)
Stopped! C:\Program Files\HP\HP Software Update\hpwuschd2.exe (1208)
Stopped! C:\newprogramfiles\Winamp\winampa.exe (404)
Stopped! C:\newprogramfiles\itunes\iTunesHelper.exe (3616)
Stopped! C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (3880)
Stopped! C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (3600)
Stopped! C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (3752)
Stopped! C:\Windows\ehome\ehtray.exe (2248)
Stopped! C:\Windows\ehome\ehmsas.exe (2800)
Stopped! C:\Users\Marek\Program Files\DNA\btdna.exe (904)
Stopped! C:\Program Files\Samsung\Kies\Kies.exe (2336)
Stopped! C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (1908)
Stopped! c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (2156)
Stopped! C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (1352)
Stopped! C:\Program Files\iPod\bin\iPodService.exe (4364)
Stopped! C:\hp\kbd\kbd.exe (4752)
Stopped! C:\Windows\system32\NOTEPAD.EXE (5416)
Stopped! C:\newprogramfiles\firefox\firefox.exe (3320)
Stopped! C:\Windows\system32\taskeng.exe (4412)

################## | Files # Infected Folders |

Deleted ! C:\Users\Marek\AppData\Roaming\ezpinst.exe
Deleted ! C:\Users\Marek\AppData\Roaming\inst.exe
Deleted ! C:\Users\Marek\AppData\Roaming\MafiaSetup.exe
Deleted ! C:\Windows\rundl132.exe
Not deleted ! E:\Autorun.exe
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-2152478756-3922319563-605102323-500
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-3219041693-1732208804-1766792807-1000
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-3280843659-960139286-2346093338-1000
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-3280843659-960139286-2346093338-500
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-4277012163-1952498102-2957651438-500
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-3219041693-1732208804-1766792807-1000
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-3280843659-960139286-2346093338-1000
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-3280843659-960139286-2346093338-500
Not deleted ! E:\autorun.inf

(!) Temporary files deleted.

################## | Registry |


################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{1b9c6750-693f-11dd-bee7-001fc62ac679}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{4e35de59-ea27-11dd-bce2-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{4e35de6c-ea27-11dd-bce2-001fc62ac679}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{83e767bd-3800-11df-9e91-001fc62ac679}

################## | Listing |

[12/03/2013 - 13:12:03 | SHD ] C:\$Recycle.Bin
[12/03/2013 - 09:21:44 | N | 371384] C:\aaw7boot.log
[12/03/2013 - 13:01:32 | N | 12580] C:\AdwCleaner[R1].txt
[25/04/2008 - 20:42:28 | N | 74] C:\autoexec.bat
[31/01/2012 - 10:26:57 | SHD ] C:\Boot
[11/04/2009 - 07:36:36 | RASH | 333257] C:\bootmgr
[28/02/2013 - 12:15:55 | D ] C:\Config.Msi
[18/09/2006 - 22:43:37 | N | 10] C:\config.sys
[11/03/2013 - 13:27:51 | N | 0] C:\DebugTraceNormal.log
[02/11/2006 - 14:02:03 | SHD ] C:\Documents and Settings
[30/09/2012 - 08:34:00 | D ] C:\filmy
[19/12/2010 - 11:22:04 | D ] C:\Garmin
[18/11/2012 - 18:03:00 | D ] C:\Garmin extra
[22/04/2010 - 15:45:09 | D ] C:\GD510
[30/09/2008 - 09:02:04 | D ] C:\hp
[13/12/2008 - 19:52:06 | N | 0] C:\IO.SYS
[22/04/2010 - 15:58:21 | D ] C:\LG_USB
[13/12/2008 - 19:52:06 | N | 0] C:\MSDOS.SYS
[26/08/2008 - 15:26:31 | RHD ] C:\MSOCache
[29/10/2012 - 12:53:09 | D ] C:\newprogramfiles
[27/10/2012 - 16:42:37 | D ] C:\NVIDIA
[24/02/2010 - 19:50:15 | D ] C:\OfficialCnCTiberianSun
[24/02/2010 - 17:44:48 | | 1334180630] C:\OfficialCnCTiberianSun.rar
[12/03/2013 - 09:21:44 | ASH | 4070981632] C:\pagefile.sys
[13/11/2011 - 15:55:39 | D ] C:\panzer2
[19/08/2008 - 13:29:29 | D ] C:\PerfLogs
[25/02/2013 - 12:14:41 | RD ] C:\Program Files
[13/09/2012 - 12:02:32 | HD ] C:\ProgramData
[25/04/2011 - 14:28:44 | N | 17408] C:\psapi.dll
[04/02/2012 - 19:16:07 | D ] C:\rsit
[21/11/2010 - 19:50:26 | D ] C:\sh
[10/03/2012 - 12:59:38 | N | 4720] C:\shared.log
[12/03/2013 - 09:32:56 | SHD ] C:\System Volume Information
[27/10/2012 - 16:46:29 | D ] C:\Temp
[26/08/2008 - 21:11:46 | D ] C:\trash
[12/03/2013 - 13:12:04 | D ] C:\UsbFix
[12/03/2013 - 13:08:30 | A | 11231] C:\UsbFix.txt
[27/10/2012 - 16:48:01 | D ] C:\Users
[27/08/2008 - 19:59:45 | D ] C:\videodvdmaker
[12/03/2013 - 13:12:03 | D ] C:\Windows
[11/03/2011 - 12:35:11 | D ] C:\zdroje
[04/02/2012 - 19:49:46 | D ] C:\_OTM
[12/03/2013 - 13:12:04 | SHD ] D:\$RECYCLE.BIN
[22/06/2007 - 16:44:20 | ASH | 438328] D:\boo.mgr
[13/08/2008 - 14:57:44 | SHD ] D:\boot
[02/11/2006 - 00:53:58 | SH | 438840] D:\bootmgr
[19/06/2007 - 15:22:02 | ASH | 1322] D:\Desktop.ini
[13/08/2008 - 14:57:44 | D ] D:\hp
[08/10/2008 - 16:07:51 | ASH | 22] D:\HPCD.sys
[08/10/2008 - 14:43:42 | N | 296] D:\MASTER.LOG
[13/08/2008 - 14:07:10 | D ] D:\PC-Doctor 5 for Win PE
[13/08/2008 - 14:07:10 | SH | 428] D:\pcdr.ini
[08/10/2008 - 16:07:51 | SHD ] D:\PRELOAD
[04/07/2007 - 11:31:50 | N | 181735] D:\Protect.ed
[08/10/2008 - 14:10:35 | RSH | 26] D:\RCBoot.sys
[13/08/2008 - 14:57:44 | RD ] D:\RECOVERY
[26/04/2008 - 07:44:10 | SH | 43] D:\RESTORE.INI
[13/08/2008 - 14:57:44 | SHD ] D:\SOURCES
[04/06/2008 - 06:02:29 | SHD ] D:\System Volume Information
[31/08/2012 - 08:39:28 | RA | 8110472] E:\AutoRun.exe
[05/09/2012 - 04:18:38 | RAD ] E:\Autorun
[31/08/2012 - 08:41:57 | RA | 48902] E:\Autorun.ico
[05/09/2012 - 04:41:54 | RA | 7317792143] E:\FIFA13.zip
[31/08/2012 - 08:39:28 | RA | 8110472] E:\Setup.exe
[05/09/2012 - 04:18:38 | RAD ] E:\Support
[05/09/2012 - 04:18:36 | RA | 124] E:\autorun.inf

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_MAREK-PC.zip
http://eldesaparecido.com/upload.php
Thank you for your contribution.

################## | E.O.F |

Re: Please check my log. Thank you

Posted: 12 Mar 2013 13:22
by daymaker
New log from AdwCleaner

# AdwCleaner v2.114 - Logfile created 03/12/2013 at 13:17:37
# Updated 05/03/2013 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# User : Marek - MAREK-PC
# Boot Mode : Normal
# Running from : C:\Users\Marek\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\nfq0j01v.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\nfq0j01v.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\nfq0j01v.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\nfq0j01v.default\searchplugins\icqplugin-3.xml
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files\Trymedia
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Users\Marek\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\nfq0j01v.default\Conduit
Folder Deleted : C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\nfq0j01v.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6002.18005

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v13.0.1 (cs)

File : C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\nfq0j01v.default\prefs.js

C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\nfq0j01v.default\user.js ... Deleted !

Deleted : user_pref("CT2645238.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2645238.CTID", "ct2645238");
Deleted : user_pref("CT2645238.CurrentServerDate", "18-2-2011");
Deleted : user_pref("CT2645238.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2645238.DownloadReferralCookieData", "");
Deleted : user_pref("CT2645238.EMailNotifierPollDate", "Fri Feb 18 2011 13:18:04 GMT+0100");
Deleted : user_pref("CT2645238.FirstServerDate", "18-2-2011");
Deleted : user_pref("CT2645238.FirstTime", true);
Deleted : user_pref("CT2645238.FirstTimeFF3", true);
Deleted : user_pref("CT2645238.FirstTimeSettingsDone", true);
Deleted : user_pref("CT2645238.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2645238.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2645238.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2645238.Initialize", true);
Deleted : user_pref("CT2645238.InitializeCommonPrefs", true);
Deleted : user_pref("CT2645238.InstallationAndCookieDataSentCount", 2);
Deleted : user_pref("CT2645238.InstallationType", "UnknownIntegration");
Deleted : user_pref("CT2645238.InstalledDate", "Fri Feb 18 2011 13:17:50 GMT+0100");
Deleted : user_pref("CT2645238.IsGrouping", false);
Deleted : user_pref("CT2645238.IsOpenThankYouPage", false);
Deleted : user_pref("CT2645238.IsOpenUninstallPage", true);
Deleted : user_pref("CT2645238.LanguagePackLastCheckTime", "Fri Feb 18 2011 13:18:06 GMT+0100");
Deleted : user_pref("CT2645238.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2645238.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2645238.LastLogin_2.6.0.15", "Fri Feb 18 2011 13:18:02 GMT+0100");
Deleted : user_pref("CT2645238.LatestVersion", "2.6.0.15");
Deleted : user_pref("CT2645238.Locale", "en");
Deleted : user_pref("CT2645238.LoginCache", 4);
Deleted : user_pref("CT2645238.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2645238.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2645238.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2645238.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2645238.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2645238.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2645238.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT264[...]
Deleted : user_pref("CT2645238.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2645238.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2645238.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2645238.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2645238.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2645238.SettingsLastCheckTime", "Fri Feb 18 2011 13:17:49 GMT+0100");
Deleted : user_pref("CT2645238.SettingsLastUpdate", "1297883733");
Deleted : user_pref("CT2645238.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2645238.ThirdPartyComponentsLastCheck", "Fri Feb 18 2011 13:17:47 GMT+0100");
Deleted : user_pref("CT2645238.ThirdPartyComponentsLastUpdate", "1246790578");
Deleted : user_pref("CT2645238.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
Deleted : user_pref("CT2645238.UserID", "UN34920240032640293");
Deleted : user_pref("CT2645238.alertChannelId", "1037922");
Deleted : user_pref("CT2645238.clientLogIsEnabled", true);
Deleted : user_pref("CT2645238.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2645238.components.1000082", false);
Deleted : user_pref("CT2645238.components.1000234", false);
Deleted : user_pref("CT2645238.ct2645238.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2645238.ct2645238.FirstTimeSettingsDone", true);
Deleted : user_pref("CT2645238.ct2645238.LanguagePackLastCheckTime", "Fri Feb 18 2011 13:18:06 GMT+0100");
Deleted : user_pref("CT2645238.ct2645238.Locale", "en");
Deleted : user_pref("CT2645238.ct2645238.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_[...]
Deleted : user_pref("CT2645238.ct2645238.SearchInNewTabLastCheckTime", "Fri Feb 18 2011 13:18:02 GMT+0100");
Deleted : user_pref("CT2645238.ct2645238.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2645238.ct2645238.SettingsLastCheckTime", "Fri Feb 18 2011 13:18:02 GMT+0100");
Deleted : user_pref("CT2645238.ct2645238.SettingsLastUpdate", "1297883733");
Deleted : user_pref("CT2645238.ct2645238.ThirdPartyComponentsLastCheck", "Fri Feb 18 2011 13:18:02 GMT+0100");
Deleted : user_pref("CT2645238.ct2645238.ThirdPartyComponentsLastUpdate", "1246790578");
Deleted : user_pref("CT2645238.myStuffEnabled", true);
Deleted : user_pref("CT2645238.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2645238.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2645238.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2645238.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2645238.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2645238");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2645238");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Fri Feb 18 2011 13:18:04 GMT+0100");
Deleted : user_pref("icqtoolbar.allowSendURL", false);
Deleted : user_pref("icqtoolbar.defSearchChange", true);
Deleted : user_pref("icqtoolbar.engineVerified", true);
Deleted : user_pref("icqtoolbar.facebookSmilesAddonShowedPopup", true);
Deleted : user_pref("icqtoolbar.firstTbRun", false);
Deleted : user_pref("icqtoolbar.geolastmodified", 1362937520);
Deleted : user_pref("icqtoolbar.history", "ko%C5%A1nar%20mont%C3%A1%C5%BEe%20s.r.o.||ko%C5%A1nar%20mark%C3%ADz[...]
Deleted : user_pref("icqtoolbar.hpChange", true);
Deleted : user_pref("icqtoolbar.icqgeo", 42);
Deleted : user_pref("icqtoolbar.installTime", "1343312516");
Deleted : user_pref("icqtoolbar.installsource", "1");
Deleted : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Deleted : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Deleted : user_pref("icqtoolbar.newtab_state", "1");
Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Deleted : user_pref("icqtoolbar.previousFFVersion", "16.0.2");
Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Deleted : user_pref("icqtoolbar.suggestions", false);
Deleted : user_pref("icqtoolbar.uniqueID", "123721218012372121801237228838313");
Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1363025908);
Deleted : user_pref("icqtoolbar.userEngineApproved", true);
Deleted : user_pref("icqtoolbar.userHpApproved", true);
Deleted : user_pref("icqtoolbar.version", "1.5.3");
Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Deleted : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
Deleted : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=");

*************************

AdwCleaner[R1].txt - [12580 octets] - [12/03/2013 13:01:24]
AdwCleaner[S1].txt - [12407 octets] - [12/03/2013 13:17:37]

########## EOF - C:\AdwCleaner[S1].txt - [12468 octets] ##########

Re: Please check my log. Thank you

Posted: 12 Mar 2013 21:50
by vyosek
:arrow: Download Malwarebytes' Anti-Malware (MBAM for short) http://forum.viry.cz/viewtopic.php?f=29&t=115222
  • Update it
  • Run a full scan - do not delete anything :!:
  • MBAM occasionally produces false detections, so paste the log into a post and wait for it to be assessed

Re: Please check my log. Thank you

Posted: 13 Mar 2013 11:26
by daymaker
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.03.13.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
Marek :: MAREK-PC [administrátor]

13.3.2013 8:41:05
mbam-log-2013-03-13 (08-41-05).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 457613
Uplynulý čas: 1 hodin, 57 minut, 26 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Re: Please check my log. Thank you

Posted: 14 Mar 2013 15:37
by vyosek
Please post a new log from RSIT

Re: Please check my log. Thank you

Posted: 16 Mar 2013 10:59
by daymaker
Here it is, thanks...

Logfile of random's system information tool 1.06 (written by random/random)
Run by Marek at 2013-03-16 10:58:24
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 7 GB (2%) free of 297 GB
Total RAM: 3582 MB (55% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HP Photo Creations Messager.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GrooveShellExtensions.dll [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-02-28 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 599680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-02-28 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2C688203-7EB3-4327-9995-1CB417BA23F9}
{91da5e8a-3318-4f8c-b67e-5964de3ab546} - ZoneAlarm Security Toolbar - C:\Program Files\ZoneAlarm_Security\tbZone.dll [2010-12-01 2735200]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 599680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-03-26 5369856]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-07-12 178712]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2005-03-17 57393]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2005-03-17 40960]
"NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"B2C_AGENT"=C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2010-08-23 329656]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"WinampAgent"=C:\newprogramfiles\Winamp\winampa.exe [2010-07-12 74752]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888]
"iTunesHelper"=C:\newprogramfiles\itunes\iTunesHelper.exe [2010-09-24 421160]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2011-11-03 738944]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2011-11-09 73360]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-02-13 310128]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2012-07-18 348664]
""= []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"BitTorrent DNA"=C:\Users\Marek\Program Files\DNA\btdna.exe [2009-11-07 323392]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-02-13 844144]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18705664]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-02-13 1509232]
""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-02-13 844144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GrooveShellExtensions.dll [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoDriveAutoRun"=3

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDriveTypeAutoRun"=
"NoDriveAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2013-03-13 08:39:50 ----D---- C:\Users\Marek\AppData\Roaming\Malwarebytes
2013-03-13 08:39:24 ----D---- C:\ProgramData\Malwarebytes
2013-03-13 08:39:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-03-13 08:24:59 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-13 08:24:59 ----A---- C:\Windows\system32\mshtml.dll
2013-03-13 08:24:58 ----A---- C:\Windows\system32\wininet.dll
2013-03-13 08:24:58 ----A---- C:\Windows\system32\urlmon.dll
2013-03-13 08:24:58 ----A---- C:\Windows\system32\url.dll
2013-03-13 08:24:58 ----A---- C:\Windows\system32\mstime.dll
2013-03-13 08:24:58 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-13 08:24:58 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-13 08:24:58 ----A---- C:\Windows\system32\ieui.dll
2013-03-13 08:24:58 ----A---- C:\Windows\system32\iertutil.dll
2013-03-13 08:24:58 ----A---- C:\Windows\system32\iepeers.dll
2013-03-13 08:24:58 ----A---- C:\Windows\system32\ieframe.dll
2013-03-13 08:24:58 ----A---- C:\Windows\system32\ieapfltr.dll
2013-03-12 13:17:37 ----A---- C:\AdwCleaner[S1].txt
2013-03-12 13:13:04 ----RASHD---- C:\Autorun.inf
2013-03-12 13:07:00 ----A---- C:\UsbFix.txt
2013-03-12 13:06:51 ----D---- C:\UsbFix
2013-03-12 13:01:24 ----N---- C:\AdwCleaner[R1].txt
2013-02-28 12:15:45 ----A---- C:\Windows\system32\javaws.exe
2013-02-28 12:15:36 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-02-28 12:15:36 ----A---- C:\Windows\system32\javaw.exe
2013-02-28 12:15:36 ----A---- C:\Windows\system32\java.exe
2013-02-25 12:14:41 ----D---- C:\Program Files\MyFree Codec
2013-02-25 12:08:25 ----A---- C:\Windows\system32\FsUsbExService.Exe
2013-02-25 12:08:25 ----A---- C:\Windows\system32\FsUsbExDevice.Dll

======List of files/folders modified in the last 1 months======

2013-03-16 10:58:31 ----D---- C:\Program Files\trend micro
2013-03-16 10:58:19 ----D---- C:\Windows\Temp
2013-03-16 10:56:06 ----D---- C:\ProgramData\VideoViewer
2013-03-16 10:55:17 ----D---- C:\Users\Marek\AppData\Roaming\Skype
2013-03-16 10:55:04 ----D---- C:\Users\Marek\AppData\Roaming\DNA
2013-03-16 07:34:08 ----D---- C:\Windows\Tasks
2013-03-16 07:33:36 ----D---- C:\ProgramData\NVIDIA
2013-03-15 07:34:36 ----D---- C:\Windows\system32\Tasks
2013-03-14 16:42:10 ----D---- C:\Windows\System32
2013-03-14 16:42:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-14 16:42:09 ----D---- C:\Windows\inf
2013-03-14 07:25:47 ----D---- C:\Windows\system32\migration
2013-03-14 07:25:47 ----D---- C:\Program Files\Internet Explorer
2013-03-13 20:22:49 ----D---- C:\Windows\Debug
2013-03-13 20:22:46 ----A---- C:\Windows\system32\mrt.exe
2013-03-13 20:22:38 ----D---- C:\Windows\winsxs
2013-03-13 20:22:04 ----SHD---- C:\System Volume Information
2013-03-13 20:21:25 ----D---- C:\Windows\system32\drivers
2013-03-13 08:39:24 ----HD---- C:\ProgramData
2013-03-13 08:39:23 ----RD---- C:\Program Files
2013-03-13 08:23:05 ----D---- C:\Windows\system32\catroot
2013-03-13 08:23:04 ----D---- C:\Windows\system32\catroot2
2013-03-12 13:19:05 ----D---- C:\Windows
2013-03-12 13:12:03 ----SHD---- C:\$Recycle.Bin
2013-03-11 10:17:09 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-03-02 13:26:09 ----D---- C:\Windows\Prefetch
2013-02-28 12:15:55 ----SHD---- C:\Windows\Installer
2013-02-28 12:15:55 ----D---- C:\Program Files\Common Files\Java
2013-02-28 12:15:55 ----D---- C:\Config.Msi
2013-02-28 12:15:25 ----A---- C:\Windows\system32\npdeployJava1.dll
2013-02-28 12:15:25 ----A---- C:\Windows\system32\deployJava1.dll
2013-02-28 12:15:20 ----D---- C:\Program Files\Java
2013-02-25 16:00:06 ----RSD---- C:\Windows\assembly
2013-02-25 16:00:06 ----D---- C:\Windows\Microsoft.NET
2013-02-24 08:38:31 ----D---- C:\Program Files\Origin
2013-02-19 19:17:34 ----D---- C:\Program Files\CCleaner

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-07-18 137928]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2012-07-18 36000]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-07-18 83392]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2011-11-03 27016]
R2 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2011-05-07 451160]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2013-02-05 37344]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture; C:\Windows\system32\drivers\HCW85BDA.sys [2008-03-19 1176064]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-03-26 2103512]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2012-07-03 149352]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-10-02 10837352]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2008-08-25 47360]
R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-10-03 99840]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 aikslg7d;aikslg7d; C:\Windows\system32\drivers\aikslg7d.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-01-31 83168]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 hidkmdf;Filter Driver Service for HID-KMDF Interface layer; C:\Windows\system32\DRIVERS\hidkmdf.sys [2012-02-15 9664]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-02-04 15232]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 Ser2pl;Prolific2 Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2005-11-04 48640]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-10-27 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-10-27 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-10-27 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-10-27 114280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-01-31 181344]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 vhidmini;VJoy Virtual Joystick; C:\Windows\system32\DRIVERS\vjoy.sys [2009-10-06 11168]
S3 vjoy;vJoy Device; C:\Windows\system32\DRIVERS\vjoy.sys [2009-10-06 11168]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2012-07-18 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2012-07-18 86224]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2013-02-05 233472]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-19 65536]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-07-12 354840]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2011-11-03 497280]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2012-09-21 1737728]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-11-19 79136]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 645992]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-02 1258856]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-07-23 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2010-07-23 107832]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-12-18 1044808]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2011-11-09 2420616]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-24 820008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c98d36ee05a985;Služba Google Update (gupdate1c98d36ee05a985); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-12 133104]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-12 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

Re: Please check my log. Thank you

Posted: 17 Mar 2013 15:58
by vyosek
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop
  • If you use Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako správce)
  • Paste the script below into the bottom box, Custom scans/fixes (Vlastní skenování/opravy)
  • Code:

    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{2C688203-7EB3-4327-9995-1CB417BA23F9}"=-
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck"=-
    "GrooveMonitor"=C-
    "HP Software Update"=-
    "WinampAgent"=-
    "QuickTime Task"=-
    "iTunesHelper"=-
    ""=-
    "Adobe ARM"=-
    "SunJavaUpdateSched"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "BitTorrent DNA"=-
    "KiesPDLR"=-
    "Skype"=-
    "KiesPreload"=-
    ""=-
    
    :files
    C:\Windows\tasks\Ad-Aware Update (Weekly).job
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\HP Photo Creations Messager.job
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [EMPTYJAVA]
  • Then click Fix (Opravit)
  • The PC will carry out the fix, restart, and give you a log; paste its contents here

Re: Please check my log. Thank you

Posted: 17 Mar 2013 18:55
by daymaker
here it is, thanks

All processes killed
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2C688203-7EB3-4327-9995-1CB417BA23F9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C688203-7EB3-4327-9995-1CB417BA23F9}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\"GrooveMonitor"|C- /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\BitTorrent DNA deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPDLR deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPreload deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
========== FILES ==========
File\Folder C:\Windows\tasks\Ad-Aware Update (Weekly).job not found.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\HP Photo Creations Messager.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
Error: Unble to create default HOSTS file!

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Marek
->Temp folder emptied: 414261758 bytes
->Temporary Internet Files folder emptied: 3944216 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 221633746 bytes
->Flash cache emptied: 1308 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 896376 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1141614 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 1673893069 bytes

Total Files Cleaned = 2 209,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Marek
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Marek
->Java cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 03172013_184631

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
C:\Users\Marek\AppData\Local\Temp\~DF4221.tmp moved successfully.
C:\Users\Marek\AppData\Local\Mozilla\Firefox\Profiles\nfq0j01v.default\startupCache\startupCache.4.little moved successfully.
C:\Users\Marek\AppData\Local\Mozilla\Firefox\Profiles\nfq0j01v.default\Cache\_CACHE_001_ moved successfully.
C:\Users\Marek\AppData\Local\Mozilla\Firefox\Profiles\nfq0j01v.default\Cache\_CACHE_002_ moved successfully.
C:\Users\Marek\AppData\Local\Mozilla\Firefox\Profiles\nfq0j01v.default\Cache\_CACHE_003_ moved successfully.
C:\Users\Marek\AppData\Local\Mozilla\Firefox\Profiles\nfq0j01v.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\Marek\AppData\Local\Mozilla\Firefox\Profiles\nfq0j01v.default\urlclassifier3.sqlite moved successfully.
File\Folder C:\Windows\temp\ZLT06c93.TMP not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: Please check my log. Thank you

Posted: 18 Mar 2013 07:46
by vyosek
Now let's clean up :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program will clean up and restart the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program will clean up and restart the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for problems
  • then Fix problems - I recommend making a registry backup; fix all the problems
  • repeat the procedure until no problems are left - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Re: Please check my log. Thank you

Posted: 18 Mar 2013 09:12
by daymaker
great, thanks a lot... done... maybe it's just suggestion, but I already have the feeling that at least the system startup is faster... everything done, I use ccleaner regularly, even several times a week... thanks once again!

Re: Please check my log. Thank you

Posted: 18 Mar 2013 17:08
by vyosek
You're welcome, glad I could help :worship: See you again sometime

And on the basis of the Rule on locking topics :lock: