Přeji hezký den, rád bych si nechal zkontrolovat log, hlavně bych chtěl smazat s internetu exploreru mail.ru.....zde je můj log, prosím Vás, poraďtě mi co dál udělat, případně jaký program nainstalovat, děkuji
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jirka at 2013-05-13 16:10:06
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 32 GB (50%) free of 65 GB
Total RAM: 1919 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:10:10, on 13.5.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Users\Jirka\AppData\Roaming\DRPSu\DrvUpdater.exe
C:\Users\Jirka\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\prevhost.exe
C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe
C:\PROGRA~1\MICROS~2\Office14\WINWORD.EXE
C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe
C:\Windows\helppane.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Jirka\Downloads\RSIT.exe
C:\Program Files\trend micro\Jirka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKCU\..\Run: [DrvUpdater] C:\Users\Jirka\AppData\Roaming\DRPSu\DrvUpdater.exe
O4 - HKCU\..\Run: [googletalk] C:\Users\Jirka\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com.tw/common/asusTek_sys_ctrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
O23 - Service: WajamUpdater - Wajam - C:\Program Files\Wajam\Updater\WajamUpdater.exe
--
End of file - 6243 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AutoKMS.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\g84udhg2.default
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
StartWeb.xml
wikipedia-cz.xml
C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\g84udhg2.default\extensions\
ooa_7e@uui-nosze.com
sy3uv@iyoailck.net
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\g84udhg2.default\searchplugins\
WebSearch.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-08 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}]
Wajam - C:\Program Files\Wajam\IE\priam_bho.dll [2013-03-06 297056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-08 170912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1029416]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DrvUpdater"=C:\Users\Jirka\AppData\Roaming\DRPSu\DrvUpdater.exe [2011-04-28 192856]
"googletalk"=C:\Users\Jirka\AppData\Roaming\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SafeQ Client]
C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2012-07-20 259072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2012-06-05 17344176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2012-02-03 1466368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\accicons.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excel.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\misc.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msaccess.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoxmled.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ois.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerpnt.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pptico.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Winword.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-05-13 16:05:20 ----D---- C:\Program Files\trend micro
2013-05-13 16:05:19 ----D---- C:\rsit
2013-05-05 12:33:21 ----D---- C:\Program Files\Common Files\Adobe
2013-05-05 12:33:21 ----D---- C:\Program Files\Adobe
2013-04-24 03:42:41 ----A---- C:\Windows\system32\drivers\ntfs.sys
======List of files/folders modified in the last 1 month======
2013-05-13 16:09:31 ----D---- C:\Windows\Temp
2013-05-13 16:05:20 ----RD---- C:\Program Files
2013-05-13 15:41:54 ----D---- C:\Windows\system32\NDF
2013-05-13 15:24:00 ----D---- C:\Windows\system32\config
2013-05-13 15:09:19 ----D---- C:\Windows\tracing
2013-05-13 15:06:56 ----D---- C:\Windows\System32
2013-05-13 15:06:56 ----D---- C:\Windows\inf
2013-05-13 15:06:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-13 15:02:37 ----D---- C:\Windows\Tasks
2013-05-12 23:48:39 ----SHD---- C:\Windows\Installer
2013-05-12 23:48:39 ----D---- C:\Windows\system32\Tasks
2013-05-12 23:48:37 ----D---- C:\ProgramData\Skype
2013-05-12 23:48:06 ----SHD---- C:\System Volume Information
2013-05-12 23:32:15 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2013-05-10 15:26:49 ----D---- C:\Users\Jirka\AppData\Roaming\LangSoft
2013-05-10 00:02:58 ----D---- C:\Users\Jirka\AppData\Roaming\MiniLyrics
2013-05-09 22:12:29 ----D---- C:\Windows\system32\wdi
2013-05-07 17:01:14 ----D---- C:\Windows\system32\catroot2
2013-05-05 13:53:08 ----RSD---- C:\Windows\Fonts
2013-05-05 12:33:51 ----D---- C:\ProgramData\Adobe
2013-05-05 12:33:21 ----D---- C:\Program Files\Common Files
2013-05-02 17:28:50 ----N---- C:\Windows\system32\MpSigStub.exe
2013-04-27 21:19:27 ----D---- C:\Users\Jirka\AppData\Roaming\vlc
2013-04-24 14:22:38 ----D---- C:\Windows\winsxs
2013-04-24 14:21:17 ----D---- C:\Windows\system32\drivers
2013-04-24 03:41:08 ----D---- C:\Windows\system32\catroot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2010-01-29 82320]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 100328]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 117760]
R3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller; C:\Windows\system32\DRIVERS\l260x86.sys [2009-07-14 29184]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-03-07 1801216]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-12-01 4179968]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2007-07-31 7680]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2012-02-03 197224]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2012-02-03 1095808]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2007-06-06 1260672]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 196400]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [2012-08-29 10088]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 30312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2012-06-18 15576]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2012-06-18 10200]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-12-01 4179968]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 114280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-12-01 720896]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2007-04-19 24576]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [2012-09-19 1699168]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 WajamUpdater;WajamUpdater; C:\Program Files\Wajam\Updater\WajamUpdater.exe [2012-07-26 109064]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 295232]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-06-05 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-14 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-12 115608]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-20 1343400]
S4 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosil bych o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosil bych o kontrolu logu
Zdravim 
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Prohledat
- Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte
Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
- Ukoncete vsechny programy
- Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
- Pockejte na dokonceni PreScanu
- Zvolte moznost Prohledat (scan)
- Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
- Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosil bych o kontrolu logu
Děkuji, tady jsou všechny tři logy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Ultimate x86
Ran by Jirka on po 13.05.2013 at 17:23:19,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully stopped: [Service] wajamupdater
Successfully deleted: [Service] wajamupdater
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\priam_bho.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\wajam_install_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\wajam_install_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\wajamupdater_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\wajamupdater_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
~~~ Files
Successfully deleted: [File] "C:\Windows\system32\roboot.exe"
Successfully deleted: [File] "C:\Windows\system32\turegopt.exe"
Successfully deleted: [File] "C:\end"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\iminent"
Successfully deleted: [Folder] "C:\ProgramData\installmate"
Successfully deleted: [Folder] "C:\ProgramData\softsafe"
Successfully deleted: [Folder] "C:\Users\Jirka\AppData\Roaming\iminent"
Successfully deleted: [Folder] "C:\Users\Jirka\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Jirka\AppData\Roaming\yourfiledownloader"
Successfully deleted: [Folder] "C:\Program Files\iminent"
Successfully deleted: [Folder] "C:\Program Files\iminent toolbar"
Successfully deleted: [Folder] "C:\Program Files\wajam"
Successfully deleted: [Folder] "C:\Program Files\websearch"
Successfully deleted: [Folder] "C:\Users\Jirka\AppData\Roaming\microsoft\windows\start menu\programs\wajam"
~~~ FireFox
Successfully deleted: [File] C:\Users\Jirka\AppData\Roaming\mozilla\firefox\profiles\g84udhg2.default\user.js
Successfully deleted: [File] C:\Users\Jirka\AppData\Roaming\mozilla\firefox\profiles\g84udhg2.default\searchplugins\websearch.xml
Successfully deleted the following from C:\Users\Jirka\AppData\Roaming\mozilla\firefox\profiles\g84udhg2.default\prefs.js
user_pref("extensions.wajam.affiliate_id", "6457");
user_pref("extensions.wajam.firstrun", "false");
user_pref("extensions.wajam.log_send_info", "false");
user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21086\",\"supported_sites\":{\"google\":{\"patterns\":[\"^hxxp\\\\:\\/\\/www\\\\.google\\\\..{2,3}(|\\\\\
user_pref("extensions.wajam.no_trace", "false");
user_pref("extensions.wajam.server_current_mapping_version", "0.21086");
user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM
user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_L
user_pref("extensions.wajam.supported_sites.imdb.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME
user_pref("extensions.wajam.supported_sites.wikipedia.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL
user_pref("extensions.wajam.supported_sites.youtubesearch.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_L
user_pref("extensions.wajam.trace_log", "1365960095779 - onFlagInfoReceived - Server mapping version: 0.21086\n1365960095780 - onFlagInfoReceived - Server mapping version (cli
user_pref("extensions.wajam.unique_id", "9E03DE7BA74B4D832D53F45FAC6A36C5");
user_pref("extensions.wajam.user_current_mapping_version", "0");
user_pref("extensions.wajam.version", "1.26");
user_pref("extensions.wajam.website_version", "1.00267.0");
Emptied folder: C:\Users\Jirka\AppData\Roaming\mozilla\firefox\profiles\g84udhg2.default\minidumps [202 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 13.05.2013 at 17:25:30,37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v2.300 - Logfile created 05/13/2013 at 17:27:34
# Updated 28/04/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Jirka - JIRKA-PC
# Boot Mode : Normal
# Running from : C:\Users\Jirka\Downloads\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\Program Files\Mozilla Firefox\searchplugins\StartWeb.xml
Folder Found : C:\Users\Jirka\AppData\Local\PackageAware
Folder Found : C:\Users\Jirka\AppData\Local\Temp\Iminent
***** [Registry] *****
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16476
[OK] Registry is clean.
-\\ Mozilla Firefox v20.0.1 (cs)
File : C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\g84udhg2.default\prefs.js
Found : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21086\",\"supported_sites\":{\[...]
Found : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABE[...]
Found : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME[...]
Found : user_pref("extensions.wajam.supported_sites.imdb.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'waj[...]
Found : user_pref("extensions.wajam.supported_sites.wikipedia.wajam_se_js", "try {window['APP_LABEL_NAME'] =[...]
Found : user_pref("extensions.wajam.supported_sites.youtubesearch.wajam_se_js", "try {window['APP_LABEL_NAME[...]
Found : user_pref("extensions.wajam.trace_log", "1365960095779 - onFlagInfoReceived - Server mapping version[...]
-\\ Google Chrome v [Unable to get version]
File : C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Found [l.246] : homepage = "hxxp://websearch.pu-results.info/?pid=708&r=2013/04/03&hid=469812558&lg=EN&cc=IT",
*************************
AdwCleaner[R1].txt - [3141 octets] - [13/05/2013 17:27:05]
AdwCleaner[R2].txt - [3072 octets] - [13/05/2013 17:27:34]
########## EOF - C:\AdwCleaner[R2].txt - [3132 octets] ##########
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/fi ... guekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Jirka [Admin rights]
Mode : Scan -- Date : 05/13/2013 17:33:57
| ARK || FAK || MBR |
¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] DrvUpdater.exe -- C:\Users\Jirka\AppData\Roaming\DRPSu\DrvUpdater.exe [7] -> KILLED [TermProc]
¤¤¤ Registry Entries : 6 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : DrvUpdater (C:\Users\Jirka\AppData\Roaming\DRPSu\DrvUpdater.exe) [7] -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-442309386-900267318-3414561060-1000[...]\Run : DrvUpdater (C:\Users\Jirka\AppData\Roaming\DRPSu\DrvUpdater.exe) [7] -> FOUND
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD1600BEVS-22RST0 ATA Device +++++
--- User ---
[MBR] ec2eb0d769aff1387bdc4f51f1e6f8d6
[BSP] 68d4a9c11b7634b8c90f00d29ae1637e : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 64903 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 132921810 | Size: 87714 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1]_S_05132013_02d1733.txt >>
RKreport[1]_S_05132013_02d1733.txt
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Ultimate x86
Ran by Jirka on po 13.05.2013 at 17:23:19,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully stopped: [Service] wajamupdater
Successfully deleted: [Service] wajamupdater
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\priam_bho.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\wajam_install_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\wajam_install_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\wajamupdater_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\wajamupdater_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
~~~ Files
Successfully deleted: [File] "C:\Windows\system32\roboot.exe"
Successfully deleted: [File] "C:\Windows\system32\turegopt.exe"
Successfully deleted: [File] "C:\end"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\iminent"
Successfully deleted: [Folder] "C:\ProgramData\installmate"
Successfully deleted: [Folder] "C:\ProgramData\softsafe"
Successfully deleted: [Folder] "C:\Users\Jirka\AppData\Roaming\iminent"
Successfully deleted: [Folder] "C:\Users\Jirka\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Jirka\AppData\Roaming\yourfiledownloader"
Successfully deleted: [Folder] "C:\Program Files\iminent"
Successfully deleted: [Folder] "C:\Program Files\iminent toolbar"
Successfully deleted: [Folder] "C:\Program Files\wajam"
Successfully deleted: [Folder] "C:\Program Files\websearch"
Successfully deleted: [Folder] "C:\Users\Jirka\AppData\Roaming\microsoft\windows\start menu\programs\wajam"
~~~ FireFox
Successfully deleted: [File] C:\Users\Jirka\AppData\Roaming\mozilla\firefox\profiles\g84udhg2.default\user.js
Successfully deleted: [File] C:\Users\Jirka\AppData\Roaming\mozilla\firefox\profiles\g84udhg2.default\searchplugins\websearch.xml
Successfully deleted the following from C:\Users\Jirka\AppData\Roaming\mozilla\firefox\profiles\g84udhg2.default\prefs.js
user_pref("extensions.wajam.affiliate_id", "6457");
user_pref("extensions.wajam.firstrun", "false");
user_pref("extensions.wajam.log_send_info", "false");
user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21086\",\"supported_sites\":{\"google\":{\"patterns\":[\"^hxxp\\\\:\\/\\/www\\\\.google\\\\..{2,3}(|\\\\\
user_pref("extensions.wajam.no_trace", "false");
user_pref("extensions.wajam.server_current_mapping_version", "0.21086");
user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM
user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_L
user_pref("extensions.wajam.supported_sites.imdb.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME
user_pref("extensions.wajam.supported_sites.wikipedia.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL
user_pref("extensions.wajam.supported_sites.youtubesearch.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_L
user_pref("extensions.wajam.trace_log", "1365960095779 - onFlagInfoReceived - Server mapping version: 0.21086\n1365960095780 - onFlagInfoReceived - Server mapping version (cli
user_pref("extensions.wajam.unique_id", "9E03DE7BA74B4D832D53F45FAC6A36C5");
user_pref("extensions.wajam.user_current_mapping_version", "0");
user_pref("extensions.wajam.version", "1.26");
user_pref("extensions.wajam.website_version", "1.00267.0");
Emptied folder: C:\Users\Jirka\AppData\Roaming\mozilla\firefox\profiles\g84udhg2.default\minidumps [202 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 13.05.2013 at 17:25:30,37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v2.300 - Logfile created 05/13/2013 at 17:27:34
# Updated 28/04/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Jirka - JIRKA-PC
# Boot Mode : Normal
# Running from : C:\Users\Jirka\Downloads\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\Program Files\Mozilla Firefox\searchplugins\StartWeb.xml
Folder Found : C:\Users\Jirka\AppData\Local\PackageAware
Folder Found : C:\Users\Jirka\AppData\Local\Temp\Iminent
***** [Registry] *****
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16476
[OK] Registry is clean.
-\\ Mozilla Firefox v20.0.1 (cs)
File : C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\g84udhg2.default\prefs.js
Found : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21086\",\"supported_sites\":{\[...]
Found : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABE[...]
Found : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME[...]
Found : user_pref("extensions.wajam.supported_sites.imdb.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'waj[...]
Found : user_pref("extensions.wajam.supported_sites.wikipedia.wajam_se_js", "try {window['APP_LABEL_NAME'] =[...]
Found : user_pref("extensions.wajam.supported_sites.youtubesearch.wajam_se_js", "try {window['APP_LABEL_NAME[...]
Found : user_pref("extensions.wajam.trace_log", "1365960095779 - onFlagInfoReceived - Server mapping version[...]
-\\ Google Chrome v [Unable to get version]
File : C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Found [l.246] : homepage = "hxxp://websearch.pu-results.info/?pid=708&r=2013/04/03&hid=469812558&lg=EN&cc=IT",
*************************
AdwCleaner[R1].txt - [3141 octets] - [13/05/2013 17:27:05]
AdwCleaner[R2].txt - [3072 octets] - [13/05/2013 17:27:34]
########## EOF - C:\AdwCleaner[R2].txt - [3132 octets] ##########
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/fi ... guekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Jirka [Admin rights]
Mode : Scan -- Date : 05/13/2013 17:33:57
| ARK || FAK || MBR |
¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] DrvUpdater.exe -- C:\Users\Jirka\AppData\Roaming\DRPSu\DrvUpdater.exe [7] -> KILLED [TermProc]
¤¤¤ Registry Entries : 6 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : DrvUpdater (C:\Users\Jirka\AppData\Roaming\DRPSu\DrvUpdater.exe) [7] -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-442309386-900267318-3414561060-1000[...]\Run : DrvUpdater (C:\Users\Jirka\AppData\Roaming\DRPSu\DrvUpdater.exe) [7] -> FOUND
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD1600BEVS-22RST0 ATA Device +++++
--- User ---
[MBR] ec2eb0d769aff1387bdc4f51f1e6f8d6
[BSP] 68d4a9c11b7634b8c90f00d29ae1637e : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 64903 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 132921810 | Size: 87714 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1]_S_05132013_02d1733.txt >>
RKreport[1]_S_05132013_02d1733.txt
Re: Prosil bych o kontrolu logu
Spustte znovu RogueKiller
- Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
- Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
- Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte
Spustte znovu AdwCleaner
- Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
- Kliknete na Smazat
- PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosil bych o kontrolu logu
omlouvám se, ale u RogueKilleru jsem zapomněl uložit log, před Oprava Host(ale to už jsem posílal před tím, viz nahoře),,,takže tady je Oprava Host
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jirka [Práva správce]
Mód : Oprava HOSTS -- Datum : 05/13/2013 21:37:31
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost
Dokončeno : << RKreport[6]_H_05132013_02d2137.txt >>
RKreport[1]_S_05132013_02d1733.txt ; RKreport[2]_S_05132013_02d1801.txt ; RKreport[3]_D_05132013_02d1817.txt ; RKreport[4]_H_05132013_02d1817.txt ; RKreport[5]_S_05132013_02d2048.txt ;
RKreport[6]_H_05132013_02d2137.txt
dále posílám Adw cleaner, před vymazáním
# AdwCleaner v2.300 - Logfile created 05/13/2013 at 21:42:22
# Updated 28/04/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Jirka - JIRKA-PC
# Boot Mode : Normal
# Running from : C:\Users\Jirka\Downloads\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\Program Files\Mozilla Firefox\searchplugins\StartWeb.xml
Folder Found : C:\Users\Jirka\AppData\Local\PackageAware
Folder Found : C:\Users\Jirka\AppData\Local\Temp\Iminent
***** [Registry] *****
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16476
[OK] Registry is clean.
-\\ Mozilla Firefox v20.0.1 (cs)
File : C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\g84udhg2.default\prefs.js
Found : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21086\",\"supported_sites\":{\[...]
Found : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABE[...]
Found : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME[...]
Found : user_pref("extensions.wajam.supported_sites.imdb.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'waj[...]
Found : user_pref("extensions.wajam.supported_sites.wikipedia.wajam_se_js", "try {window['APP_LABEL_NAME'] =[...]
Found : user_pref("extensions.wajam.supported_sites.youtubesearch.wajam_se_js", "try {window['APP_LABEL_NAME[...]
Found : user_pref("extensions.wajam.trace_log", "1365960095779 - onFlagInfoReceived - Server mapping version[...]
-\\ Google Chrome v [Unable to get version]
File : C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Found [l.246] : homepage = "hxxp://websearch.pu-results.info/?pid=708&r=2013/04/03&hid=469812558&lg=EN&cc=IT",
*************************
AdwCleaner[R1].txt - [3141 octets] - [13/05/2013 17:27:05]
AdwCleaner[R2].txt - [3201 octets] - [13/05/2013 17:27:34]
AdwCleaner[R3].txt - [3132 octets] - [13/05/2013 21:42:22]
########## EOF - C:\AdwCleaner[R3].txt - [3192 octets] ##########
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jirka [Práva správce]
Mód : Oprava HOSTS -- Datum : 05/13/2013 21:37:31
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost
Dokončeno : << RKreport[6]_H_05132013_02d2137.txt >>
RKreport[1]_S_05132013_02d1733.txt ; RKreport[2]_S_05132013_02d1801.txt ; RKreport[3]_D_05132013_02d1817.txt ; RKreport[4]_H_05132013_02d1817.txt ; RKreport[5]_S_05132013_02d2048.txt ;
RKreport[6]_H_05132013_02d2137.txt
dále posílám Adw cleaner, před vymazáním
# AdwCleaner v2.300 - Logfile created 05/13/2013 at 21:42:22
# Updated 28/04/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Jirka - JIRKA-PC
# Boot Mode : Normal
# Running from : C:\Users\Jirka\Downloads\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\Program Files\Mozilla Firefox\searchplugins\StartWeb.xml
Folder Found : C:\Users\Jirka\AppData\Local\PackageAware
Folder Found : C:\Users\Jirka\AppData\Local\Temp\Iminent
***** [Registry] *****
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16476
[OK] Registry is clean.
-\\ Mozilla Firefox v20.0.1 (cs)
File : C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\g84udhg2.default\prefs.js
Found : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21086\",\"supported_sites\":{\[...]
Found : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABE[...]
Found : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME[...]
Found : user_pref("extensions.wajam.supported_sites.imdb.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'waj[...]
Found : user_pref("extensions.wajam.supported_sites.wikipedia.wajam_se_js", "try {window['APP_LABEL_NAME'] =[...]
Found : user_pref("extensions.wajam.supported_sites.youtubesearch.wajam_se_js", "try {window['APP_LABEL_NAME[...]
Found : user_pref("extensions.wajam.trace_log", "1365960095779 - onFlagInfoReceived - Server mapping version[...]
-\\ Google Chrome v [Unable to get version]
File : C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Found [l.246] : homepage = "hxxp://websearch.pu-results.info/?pid=708&r=2013/04/03&hid=469812558&lg=EN&cc=IT",
*************************
AdwCleaner[R1].txt - [3141 octets] - [13/05/2013 17:27:05]
AdwCleaner[R2].txt - [3201 octets] - [13/05/2013 17:27:34]
AdwCleaner[R3].txt - [3132 octets] - [13/05/2013 21:42:22]
########## EOF - C:\AdwCleaner[R3].txt - [3192 octets] ##########
Re: Prosil bych o kontrolu logu
na závěr ADW cleaner po vymazání
# AdwCleaner v2.300 - Logfile created 05/13/2013 at 21:47:35
# Updated 28/04/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Jirka - JIRKA-PC
# Boot Mode : Normal
# Running from : C:\Users\Jirka\Downloads\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\StartWeb.xml
Folder Deleted : C:\Users\Jirka\AppData\Local\PackageAware
Folder Deleted : C:\Users\Jirka\AppData\Local\Temp\Iminent
***** [Registry] *****
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16476
[OK] Registry is clean.
-\\ Mozilla Firefox v20.0.1 (cs)
File : C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\g84udhg2.default\prefs.js
Deleted : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21086\",\"supported_sites\":{\[...]
Deleted : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABE[...]
Deleted : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME[...]
Deleted : user_pref("extensions.wajam.supported_sites.imdb.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'waj[...]
Deleted : user_pref("extensions.wajam.supported_sites.wikipedia.wajam_se_js", "try {window['APP_LABEL_NAME'] =[...]
Deleted : user_pref("extensions.wajam.supported_sites.youtubesearch.wajam_se_js", "try {window['APP_LABEL_NAME[...]
Deleted : user_pref("extensions.wajam.trace_log", "1365960095779 - onFlagInfoReceived - Server mapping version[...]
-\\ Google Chrome v [Unable to get version]
File : C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Deleted [l.246] : homepage = "hxxp://websearch.pu-results.info/?pid=708&r=2013/04/03&hid=469812558&lg=EN&cc=IT",
*************************
AdwCleaner[R1].txt - [3141 octets] - [13/05/2013 17:27:05]
AdwCleaner[R2].txt - [3201 octets] - [13/05/2013 17:27:34]
AdwCleaner[R3].txt - [3261 octets] - [13/05/2013 21:42:22]
AdwCleaner[R4].txt - [3321 octets] - [13/05/2013 21:43:53]
AdwCleaner[R5].txt - [3440 octets] - [13/05/2013 21:47:23]
AdwCleaner[S1].txt - [316 octets] - [13/05/2013 21:44:06]
AdwCleaner[S2].txt - [3419 octets] - [13/05/2013 21:47:35]
########## EOF - C:\AdwCleaner[S2].txt - [3479 octets] ##########
# AdwCleaner v2.300 - Logfile created 05/13/2013 at 21:47:35
# Updated 28/04/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Jirka - JIRKA-PC
# Boot Mode : Normal
# Running from : C:\Users\Jirka\Downloads\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\StartWeb.xml
Folder Deleted : C:\Users\Jirka\AppData\Local\PackageAware
Folder Deleted : C:\Users\Jirka\AppData\Local\Temp\Iminent
***** [Registry] *****
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16476
[OK] Registry is clean.
-\\ Mozilla Firefox v20.0.1 (cs)
File : C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\g84udhg2.default\prefs.js
Deleted : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21086\",\"supported_sites\":{\[...]
Deleted : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABE[...]
Deleted : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME[...]
Deleted : user_pref("extensions.wajam.supported_sites.imdb.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'waj[...]
Deleted : user_pref("extensions.wajam.supported_sites.wikipedia.wajam_se_js", "try {window['APP_LABEL_NAME'] =[...]
Deleted : user_pref("extensions.wajam.supported_sites.youtubesearch.wajam_se_js", "try {window['APP_LABEL_NAME[...]
Deleted : user_pref("extensions.wajam.trace_log", "1365960095779 - onFlagInfoReceived - Server mapping version[...]
-\\ Google Chrome v [Unable to get version]
File : C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Deleted [l.246] : homepage = "hxxp://websearch.pu-results.info/?pid=708&r=2013/04/03&hid=469812558&lg=EN&cc=IT",
*************************
AdwCleaner[R1].txt - [3141 octets] - [13/05/2013 17:27:05]
AdwCleaner[R2].txt - [3201 octets] - [13/05/2013 17:27:34]
AdwCleaner[R3].txt - [3261 octets] - [13/05/2013 21:42:22]
AdwCleaner[R4].txt - [3321 octets] - [13/05/2013 21:43:53]
AdwCleaner[R5].txt - [3440 octets] - [13/05/2013 21:47:23]
AdwCleaner[S1].txt - [316 octets] - [13/05/2013 21:44:06]
AdwCleaner[S2].txt - [3419 octets] - [13/05/2013 21:47:35]
########## EOF - C:\AdwCleaner[S2].txt - [3479 octets] ##########
Re: Prosil bych o kontrolu logu
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll services.exe svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
- Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?