
Please check my PC

Posted: 20 Aug 2013 11:09
by zlochar
A folder named "winsxs" has appeared in the Windows folder; its size grows disproportionately and is always a little different. From about 10 GB up to 20 GB, at which point the disk is almost full.
What could be causing this? Thank you.

Logfile of random's system information tool 1.09 (written by random/random)
Run by modl at 2013-08-20 11:55:25
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 6 GB (8%) free of 80 GB
Total RAM: 4008 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:55:30, on 20.8.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\Samsung\Easy Printer Manager\ScrPrint.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\modl.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7597 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"taskhost.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1488
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4354c48a-1c62-4e3f-878d-6108d2caac55 -SystemEventPortName:HostProcess-077ea17f-c0c8-43fc-a106-ebc400167b21 -IoCancelEventPortName:HostProcess-8f258830-9313-44b7-a442-460229767071 -NonStateChangingEventPortName:HostProcess-461a772d-aff9-46a8-ab4b-8d82b418de46 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c34e7943-174f-479a-a6f1-bf5cf24e2348 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Samsung\Easy Printer Manager\ScrPrint.exe" -Embedding
C:\Windows\system32\msiexec.exe /V
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\modl\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\modl\AppData\Roaming\Mozilla\Firefox\Profiles\38zw17yq.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll


C:\Users\modl\AppData\Roaming\Mozilla\Firefox\Profiles\38zw17yq.default\searchplugins\
ask-search.xml
askcom.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-08-20 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-08-20 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-06-28 11905128]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2012-02-20 456704]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 172144]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 441968]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-08-06 1601488]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-08-20 11:55:26 ----D---- C:\Program Files\trend micro
2013-08-20 11:55:25 ----D---- C:\rsit
2013-08-20 11:46:04 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-08-20 11:46:01 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-08-20 11:46:01 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-08-20 11:46:01 ----A---- C:\Windows\SYSWOW64\java.exe
2013-08-20 11:45:54 ----D---- C:\Program Files (x86)\Java
2013-08-19 08:51:24 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-08-15 17:02:56 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-08-15 17:02:55 ----A---- C:\Windows\system32\ieui.dll
2013-08-15 17:02:54 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-08-15 17:02:54 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-08-15 17:02:54 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-08-15 17:02:54 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-08-15 17:02:54 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 17:02:54 ----A---- C:\Windows\system32\iesetup.dll
2013-08-15 17:02:54 ----A---- C:\Windows\system32\iernonce.dll
2013-08-15 17:02:54 ----A---- C:\Windows\system32\ie4uinit.exe
2013-08-15 17:02:53 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-08-15 17:02:53 ----A---- C:\Windows\system32\iesysprep.dll
2013-08-15 17:02:53 ----A---- C:\Windows\system32\iertutil.dll
2013-08-15 17:02:51 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-08-15 17:02:51 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-08-15 17:02:51 ----A---- C:\Windows\system32\msfeeds.dll
2013-08-15 17:02:51 ----A---- C:\Windows\system32\jscript.dll
2013-08-15 17:02:50 ----A---- C:\Windows\system32\jscript9.dll
2013-08-15 17:02:49 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-08-15 17:02:49 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-08-15 17:02:49 ----A---- C:\Windows\system32\urlmon.dll
2013-08-15 17:02:48 ----A---- C:\Windows\system32\jsproxy.dll
2013-08-15 17:02:47 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-08-15 17:02:47 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-08-15 17:02:46 ----A---- C:\Windows\system32\wininet.dll
2013-08-15 17:02:45 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-08-15 17:02:44 ----A---- C:\Windows\system32\ieframe.dll
2013-08-15 17:02:43 ----A---- C:\Windows\system32\mshtml.dll
2013-08-15 17:02:40 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-08-15 16:58:36 ----D---- C:\Windows\system32\MRT
2013-08-15 08:03:06 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-08-15 08:03:06 ----A---- C:\Windows\system32\wintrust.dll
2013-08-15 08:03:06 ----A---- C:\Windows\system32\crypt32.dll
2013-08-15 08:03:05 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-08-15 08:03:05 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-08-15 08:03:05 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-08-15 08:03:05 ----A---- C:\Windows\system32\cryptsvc.dll
2013-08-15 08:03:05 ----A---- C:\Windows\system32\cryptnet.dll
2013-08-15 08:02:59 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-08-15 08:02:59 ----A---- C:\Windows\system32\tzres.dll
2013-08-15 08:02:55 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-08-15 08:02:55 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-08-15 08:02:54 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-08-15 08:02:54 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-15 08:02:52 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-08-15 08:02:51 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-08-15 08:02:50 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-08-15 08:02:50 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-08-15 08:02:50 ----A---- C:\Windows\system32\ntdll.dll
2013-08-15 08:02:49 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-08-15 08:02:49 ----A---- C:\Windows\system32\wow64.dll
2013-08-15 08:02:48 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-08-15 08:02:47 ----A---- C:\Windows\SYSWOW64\user.exe
2013-08-15 08:02:47 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-08-15 08:02:47 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-08-15 08:02:45 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-08-15 08:02:44 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-08-08 10:53:44 ----D---- C:\ProgramData\AskPartnerNetwork
2013-08-08 10:53:44 ----D---- C:\Program Files (x86)\AskPartnerNetwork
2013-08-08 10:53:40 ----D---- C:\ProgramData\APN

======List of files/folders modified in the last 1 month======

2013-08-20 11:55:28 ----D---- C:\Windows\Temp
2013-08-20 11:55:26 ----RD---- C:\Program Files
2013-08-20 11:46:16 ----SHD---- C:\Windows\Installer
2013-08-20 11:46:15 ----D---- C:\Program Files (x86)\Common Files
2013-08-20 11:46:04 ----D---- C:\Windows\SysWOW64
2013-08-20 11:45:55 ----A---- C:\Windows\SYSWOW64\npdeployJava1.dll
2013-08-20 11:45:55 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-08-20 11:45:54 ----RD---- C:\Program Files (x86)
2013-08-20 11:45:48 ----SHD---- C:\System Volume Information
2013-08-20 11:39:07 ----D---- C:\Windows\Prefetch
2013-08-20 08:09:40 ----D---- C:\Windows\system32\config
2013-08-20 07:57:20 ----A---- C:\Windows\SYSWOW64\log.txt
2013-08-20 07:54:50 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-19 08:40:19 ----D---- C:\Windows\System32
2013-08-19 08:40:19 ----D---- C:\Windows\inf
2013-08-19 08:40:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-08-16 12:48:22 ----D---- C:\Windows
2013-08-16 12:08:05 ----D---- C:\Windows\Microsoft.NET
2013-08-16 12:08:04 ----RSD---- C:\Windows\assembly
2013-08-16 07:59:42 ----D---- C:\Windows\winsxs
2013-08-16 07:59:13 ----D---- C:\Windows\Panther
2013-08-16 07:57:56 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-08-16 07:57:56 ----D---- C:\Windows\system32\cs-CZ
2013-08-16 07:57:55 ----D---- C:\Program Files (x86)\Internet Explorer
2013-08-16 07:57:54 ----D---- C:\Program Files\Internet Explorer
2013-08-16 07:57:52 ----D---- C:\Windows\system32\drivers
2013-08-16 07:57:52 ----D---- C:\Windows\AppPatch
2013-08-15 17:03:24 ----D---- C:\Windows\system32\catroot
2013-08-15 17:03:23 ----D---- C:\Windows\system32\catroot2
2013-08-15 16:58:36 ----D---- C:\Windows\debug
2013-08-15 16:58:32 ----A---- C:\Windows\system32\MRT.exe
2013-08-08 10:53:44 ----HD---- C:\ProgramData
2013-08-01 07:59:54 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-08-01 189936]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-10-31 21136]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-08-01 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-08-01 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2012-02-15 11576]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-28 2905832]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-08-06 164816]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-20 325656]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-24 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-24 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-19 117656]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-24 1255736]

-----------------EOF-----------------

Re: Please check my PC

Posted: 20 Aug 2013 18:20
by Márty84
Hello :)

The winsxs folder was created by Windows itself. That is fine, it belongs there.


:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and the program will start working.
When it finishes, it will spit out a log (if not, you will find it at C:\AdwCleaner[R?].txt ); copy it here for me.

Re: Please check my PC

Posted: 21 Aug 2013 08:49
by zlochar
# AdwCleaner v3.000 - Report created 21/08/2013 at 09:24:47
# Updated 20/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : modl - MODL-PC
# Running from : C:\Users\modl\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : APNMCP

***** [ Files / Folders ] *****

File Found : C:\Users\modl\AppData\Roaming\Mozilla\Firefox\Profiles\38zw17yq.default\searchplugins\Askcom.xml
File Found : C:\Users\modl\AppData\Roaming\Mozilla\Firefox\Profiles\38zw17yq.default\searchplugins\ask-search.xml
Folder Found C:\Program Files (x86)\AskPartnerNetwork
Folder Found C:\ProgramData\APN
Folder Found C:\ProgramData\Ask
Folder Found C:\ProgramData\AskPartnerNetwork
Folder Found C:\Users\modl\AppData\Local\Temp\APN

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AskPartnerNetwork
Key Found : [x64] HKCU\Software\AskPartnerNetwork
Key Found : HKLM\Software\AskPartnerNetwork
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660


-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\modl\AppData\Roaming\Mozilla\Firefox\Profiles\38zw17yq.default\prefs.js ]

Line Found : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"mtime\":137533[...]

-\\ Google Chrome v28.0.1500.95

[ File : C:\Users\modl\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : icon_url
Found : search_url
Found : suggest_url
Found : keyword
Found : search_url
Found : suggest_url

*************************

AdwCleaner[R0].txt - [2032 octets] - [21/08/2013 09:21:37]
AdwCleaner[R1].txt - [1948 octets] - [21/08/2013 09:24:47]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [2008 octets] ##########

Re: Please check my PC

Posted: 21 Aug 2013 15:40
by Márty84
:arrow: Run ADWCleaner as administrator again and click Clean (or Delete - a new version is being tested right now and things are a bit chaotic). Copy the log here again.

Re: Please check my PC

Posted: 21 Aug 2013 15:52
by zlochar
# AdwCleaner v3.000 - Report created 21/08/2013 at 16:50:14
# Updated 20/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : modl - MODL-PC
# Running from : C:\Users\modl\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : APNMCP

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Users\modl\AppData\Local\Temp\APN
File Deleted : C:\Users\modl\AppData\Roaming\Mozilla\Firefox\Profiles\38zw17yq.default\searchplugins\Askcom.xml
File Deleted : C:\Users\modl\AppData\Roaming\Mozilla\Firefox\Profiles\38zw17yq.default\searchplugins\ask-search.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\AskPartnerNetwork

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660


-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\modl\AppData\Roaming\Mozilla\Firefox\Profiles\38zw17yq.default\prefs.js ]

Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"mtime\":137533[...]

-\\ Google Chrome v28.0.1500.95

[ File : C:\Users\modl\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : search_url
Deleted : suggest_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [2032 octets] - [21/08/2013 09:21:37]
AdwCleaner[R1].txt - [2092 octets] - [21/08/2013 09:24:47]
AdwCleaner[R2].txt - [2152 octets] - [21/08/2013 16:49:42]
AdwCleaner[S0].txt - [2025 octets] - [21/08/2013 16:50:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2085 octets] ##########

Re: Request for a PC check

Posted: 21 Aug 2013 17:00
by Márty84
Run a !!!full!!! scan with MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 and post the results here. Do not delete anything beforehand; it sometimes produces false detections.

Re: Request for a PC check

Posted: 23 Aug 2013 15:20
by zlochar
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.08.23.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
modl :: MODL-PC [administrátor]

23.8.2013 15:06:26
MBAM-log-2013-08-23 (16-18-56).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 364404
Uplynulý čas: 37 minut, 48 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 18
HKCR\CLSID\{18DBB6CE-3148-4FEC-B481-103CB3290427} (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{0BDCB0B7-26EE-4B62-B240-1260CD6930E0} (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCR\Speed Analysis 2.ScriptHostObject.1 (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCR\Speed Analysis 2.ScriptHostObject (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427} (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DBB6CE-3148-4FEC-B481-103CB3290427} (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{EB93AADE-9884-47F0-AA9D-0920E1D1203F} (PUP.Optional.SpeedAnalysis2.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{BB30FEA7-5866-406A-B47D-FB69E1AF8FD7} (PUP.Optional.SpeedAnalysis2.A) -> Nebyla provedena žádná instrukce.
HKCR\Speed Analysis 2.BackgroundHostObject.1 (PUP.Optional.SpeedAnalysis2.A) -> Nebyla provedena žádná instrukce.
HKCR\Speed Analysis 2.BackgroundHostObject (PUP.Optional.SpeedAnalysis2.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7go (PUP.Optional.InstallBrain) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{4B8AECDD-D9FF-499E-8E9F-F90A9EF1930D} (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020} (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{E65CE95B-56E9-47C9-8707-A1D1DE30760F} (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{25C65308-8937-4D76-BEFB-6AF0A468E75A} (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCR\Speed Analysis 2.Navbar.1 (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCR\Speed Analysis 2.Navbar (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf (PUP.Optional.SpeedAnalysis2.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Špatný: (http://www1.delta-search.com/?babsrc=HP ... 3&tsp=4983) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.

Nalezené složky: 5
C:\ProgramData\IBUpdaterService (PUP.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\Users\modl\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\modl\AppData\Roaming\SpeedAnalysis2 (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2 (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\mz (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 36
C:\Program Files (x86)\Speed Analysis 2\ScriptHost.dll (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\BackgroundHost.exe (PUP.Optional.SpeedAnalysis2.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Uninstall Information\Ib\97\3867\ib_uninstall.exe (PUP.Optional.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\Users\modl\AppData\Roaming\File Scout\filescout.exe (Trojan.PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.
C:\Users\modl\Documents\ieupdate\ieuptdt.exe (Trojan.FakeMS) -> Nebyla provedena žádná instrukce.
C:\Users\modl\Documents\ieupdate\pomocna8.exe (Trojan.FakeMS) -> Nebyla provedena žádná instrukce.
C:\Users\modl\Downloads\Zoner Photo Studio Pro 14.0.1.5\KeyMaker-CORE\keygen.exe (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\ProgramData\IBUpdaterService\repository.xml (PUP.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\Users\modl\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\modl\AppData\Roaming\SpeedAnalysis2\speedanalysis.crx (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\updater.js (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\AddonsFramework.Typelib.dll (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\background.html (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\BackgroundHost64.exe (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\BackgroundHostPS.dll (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\bg.js (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\ButtonSite.dll (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\ButtonSite64.dll (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\config.xml (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\content.js (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\icon128.png (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\icon16.png (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\icon18.ico (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\icon18.png (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\icon24.ico (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\icon24.png (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\icon32.ico (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\icon32.png (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\icon48.png (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\jquery-1.9.1.min.js (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\json2.min.js (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\uninst.exe (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\uninstall.exe (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\updaterWrapper.js (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\mz\background.js (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Speed Analysis 2\mz\content.js (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.

(konec)

Re: Request for a PC check

Posted: 23 Aug 2013 21:27
by Márty84
Have all the findings removed. After the restart, run a quick scan. If it finds anything, post the log again. If not, just write that it found nothing. We will proceed from there.


20.10. locked for inactivity http://forum.viry.cz/viewtopic.php?f=12&t=123975