Request for a preventive check

Posted: 04 May 2014 12:07
by RomanL2
Hello, please do a preventive check of a notebook that has not been maintained for a long time. Here is the log from RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Dell at 2014-05-04 13:04:24
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 16 GB (42%) free of 38 GB
Total RAM: 1015 MB (55% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1202660629-1454471165-682003330-1003Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1202660629-1454471165-682003330-1003UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-1454471165-682003330-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-1454471165-682003330-1003UA.job
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll [2003-05-15 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-10-15 938104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2008-08-04 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2008-08-04 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2008-08-04 114688]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-11-19 2598520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-08-04 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\Dell\Dokumenty\Stažené soubory\SweetImSetup.exe"="C:\Documents and Settings\Dell\Dokumenty\Stažené soubory\SweetImSetup.exe:*:Enabled:SweetIM Installer"
"C:\Documents and Settings\Dell\Plocha\Janka\Sindicate\Launcher.exe"="C:\Documents and Settings\Dell\Plocha\Janka\Sindicate\Launcher.exe:*:Enabled:Launcher.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe"="C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine"
"C:\Program Files\AVG\AVG2012\avgnsx.exe"="C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2012\avgdiagex.exe"="C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostika 2012"
"C:\Program Files\AVG\AVG2012\avgemcx.exe"="C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Obecná kontrola pošty"
"C:\Documents and Settings\Dell\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Dell\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a61e3a50-65f4-11e1-ad8b-002719f2284b}]
shell\AutoRun\command - E:\Startme.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cbd32fe6-f772-11e0-aca4-0060b3a117d3}]
shell\AutoRun\command - E:\Startme.exe


======List of files/folders created in the last 1 months======

2014-05-04 13:04:28 ----D---- C:\Program Files\trend micro
2014-05-04 13:04:24 ----D---- C:\rsit
2014-05-04 12:42:27 ----D---- C:\Program Files\CCleaner
2014-05-03 18:42:43 ----D---- C:\WINDOWS\Minidump

======List of files/folders modified in the last 1 months======

2014-05-04 13:04:28 ----RD---- C:\Program Files
2014-05-04 13:00:14 ----A---- C:\WINDOWS\wincmd.ini
2014-05-04 12:59:36 ----D---- C:\WINDOWS\Prefetch
2014-05-04 12:49:42 ----D---- C:\Documents and Settings\Dell\Data aplikací\Skype
2014-05-04 12:48:44 ----D---- C:\WINDOWS
2014-05-04 12:47:24 ----D---- C:\WINDOWS\Debug
2014-05-04 12:47:10 ----D---- C:\WINDOWS\Temp
2014-05-04 12:42:28 ----D---- C:\WINDOWS\system32\CatRoot2
2014-05-04 12:23:51 ----D---- C:\WINDOWS\system32
2014-05-04 12:07:54 ----N---- C:\WINDOWS\SchedLgU.Txt
2014-05-04 12:07:38 ----HD---- C:\WINDOWS\inf
2014-05-04 12:07:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-05-04 12:06:55 ----D---- C:\WINDOWS\ie8updates
2014-04-30 10:12:55 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-04-13 21:04:38 ----D---- C:\Fotky
2014-04-10 11:53:57 ----D---- C:\WINDOWS\system32\MRT
2014-04-10 11:50:40 ----A---- C:\WINDOWS\system32\MRT.exe
2014-04-10 11:50:09 ----D---- C:\Program Files\Internet Explorer
2014-04-09 19:14:41 ----DC---- C:\WINDOWS\system32\DRVSTORE

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2012-11-08 250080]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2013-04-11 302368]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2008-08-04 13059]
R3 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [2012-12-10 142176]
R3 AVGIDSFilter;AVGIDSFilter; C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
R3 b57w2k;Broadcom NetXtreme 57xx Gigabit Controller; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2008-08-04 134272]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GTIPCI21;GTIPCI21; C:\WINDOWS\system32\DRIVERS\gtipci21.sys [2008-08-04 80384]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2008-08-04 1041536]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2008-08-04 200064]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2008-08-04 1049180]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2001-10-24 35913]
R3 STAC97;SigmaTel C-Major Audio; C:\WINDOWS\system32\drivers\STAC97.sys [2008-08-04 272568]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-03-18 30336]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2008-08-04 685056]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 NBXG3021;NB 802.11g XG302 SP1 Driver; C:\WINDOWS\system32\DRIVERS\wlanCIG.sys [2006-03-06 515616]
S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2007-05-14 445696]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1039bus.sys [2009-11-19 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys [2009-11-19 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1039mdm.sys [2009-11-19 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys [2009-11-19 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1039nd5.sys [2009-11-19 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1039obex.sys [2009-11-19 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1039unic.sys [2009-11-19 123504]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2013-10-16 5175856]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-30 119408]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Request for a preventive check

Posted: 04 May 2014 14:28
by cernohous13
Hi, it doesn't look sick :wink:

:arrow: Download and install MBAM from here http://www.bleepingcomputer.com/downloa ... i-malware/ version 1.75
Run it -> on the 3rd tab "Update" -> Check for Updates (this may be done automatically)
then on the 1st tab "Scanner" -> Full scan -> Scan
when the scan finishes, a Notepad window will pop up with the result - copy its contents into your reply
do not delete anything yet - wait for the assessment and do not close the program for now

Re: Request for a preventive check

Posted: 05 May 2014 00:39
by RomanL2
Here is the log from MBAM, there is probably something in it...

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.05.04.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Dell :: DELL-E0AD2D2379 [administrátor]

4.5.2014 18:00:33
MBAM-log-2014-05-05 (01-33-20).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 285363
Uplynulý čas: 3 hodin, 2 minut, 7 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 19
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} (PUP.Optional.FaceMoods.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC} (PUP.Optional.FaceMoods.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC} (PUP.Optional.FaceMoods.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{984A9162-8891-4D19-8CFE-17648BB4E1EC} (PUP.Optional.GamesPlayLab.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{984A9162-8891-4D19-8CFE-17648BB4E1EC} (PUP.Optional.GamesPlayLab.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9} (PUP.Optional.FaceMoods.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{A439801C-961D-452C-AB42-7848E9CBD289} (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
HKCR\MgMediaPlayer.GifAnimator.1 (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
HKCR\MgMediaPlayer.GifAnimator (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
HKCR\facemoods.facemoodsHlpr (PUP.Optional.FaceMoods.A) -> Nebyla provedena žádná instrukce.
HKCR\facemoods.facemoodsHlpr.1 (PUP.Optional.FaceMoods.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci (PUP.Optional.GamePlayLab.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GamePlayLabs Plugin (PUP.Optional.GamePlayLabs.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 2
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {0A0B7290-E91D-11DF-A9F9-0060B3A117D3} -> Nebyla provedena žádná instrukce.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {0A0B7290-E91D-11DF-A9F9-0060B3A117D3} -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 5
C:\Documents and Settings\Dell\Data aplikací\facemoods.com (PUP.Optional.FaceMoods.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Dell\Data aplikací\facemoods.com\facemoods (PUP.Optional.FaceMoods.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci (PUP.Optional.GamePlayLabs.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci\1.0_0 (PUP.Optional.GamePlayLabs.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Dell\Local Settings\Data aplikací\GamePlayLabs Plugin (PUP.Optional.GamePlayLabs.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 34
C:\Documents and Settings\Dell\Data aplikací\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Dell\Dokumenty\Downloads\aTube_Catcher.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mgAIMAuto.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mgAIMMessengerAdapter.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mgArchive.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mgcommon.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mgcommunication.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mgconfig.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mgFlashPlayer.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mghooking.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mgICQAuto.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mgICQMessengerAdapter.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mgIEPlayer.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mglogger.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mgMediaPlayer.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mgMsnAuto.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mgMsnMessengerAdapter.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mgsimcommon.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mgSweetIM.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mgUpdateSupport.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mgYahooAuto.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\mgYahooMessengerAdapter.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\SweetIM.exe (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\Installer\130aa56.msi (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci\1.0_0\background.html (PUP.Optional.GamePlayLabs.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci\1.0_0\gameplaylabs.png (PUP.Optional.GamePlayLabs.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci\1.0_0\gameplaylabsplugin.js (PUP.Optional.GamePlayLabs.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci\1.0_0\manifest.json (PUP.Optional.GamePlayLabs.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Dell\Local Settings\Data aplikací\GamePlayLabs Plugin\gplplugin.crx (PUP.Optional.GamePlayLabs.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Dell\Local Settings\Data aplikací\GamePlayLabs Plugin\gplplugin.xpi (PUP.Optional.GamePlayLabs.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Dell\Local Settings\Data aplikací\GamePlayLabs Plugin\setup.ini (PUP.Optional.GamePlayLabs.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Dell\Local Settings\Data aplikací\GamePlayLabs Plugin\Uninstall.exe (PUP.Optional.GamePlayLabs.A) -> Nebyla provedena žádná instrukce.

(konec)

Re: Request for a preventive check

Posted: 05 May 2014 04:15
by cernohous13
:D yep, there is quite a lot

check that everything is selected and have it removed...

Then repeat the scan

Re: Request for a preventive check

Posted: 05 May 2014 22:25
by RomanL2
OK, done, here is another log from MBAM:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.05.04.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Dell :: DELL-E0AD2D2379 [administrátor]

5.5.2014 21:07:58
MBAM-log-2014-05-05 (23-20-45).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 285427
Uplynulý čas: 2 hodin, 11 minut, 1 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\System Volume Information\_restore{47F67619-6CC2-4E40-9BAE-8A09C984BE55}\RP409\A0101858.msi (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.

(konec)

Re: Request for a preventive check

Posted: 06 May 2014 05:46
by cernohous13
:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Save it to the desktop and run it - the license terms will be displayed -> press any key to start.
A backup will be created and a scan will run.
A log will pop up (or it is saved in c:\JRT as JRT.txt) - copy it here

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it, preferably to the desktop -> close all programs -> run AdwCleaner -> click Scan and, when it finishes, Clean
the repair will be performed and the PC will restart (restart it yourself if necessary), and the log C:\AdwCleaner\AdwCleaner[S?].txt will appear; paste its contents here

:arrow: you will probably have to turn off the antivirus for that moment - it is clean, verified
vyosek wrote: :arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • :arrow: After launching it, paste the script below into the window

    Code:

    srinfo;
    autoclean;
    emptyclsid;
    iedefaults;
    process;
    hijackthis;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC will perform the repair, restart and give you a log; paste its contents here
The log will be at C:\zoek-results.log

Re: Request for a preventive check

Posted: 06 May 2014 20:15
by RomanL2
Done, here is the log from JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by Dell on Łt 06.05.2014 at 19:34:03,62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\bho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Dell\Data aplikacˇ\desktopicon"
Successfully deleted: [Folder] "C:\Program Files\icq6toolbar"
Successfully deleted: [Folder] "C:\Program Files\sweetim"
Successfully deleted: [Folder] "C:\Program Files\ask.com"



~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\Dell\Data aplikacˇ\mozilla\firefox\profiles\45gv6y2j.default\extensions\{eee6c361-6118-11dc-9c72-001320c79847}.xpi
Successfully deleted: [File] C:\Documents and Settings\Dell\Data aplikacˇ\mozilla\firefox\profiles\45gv6y2j.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Documents and Settings\Dell\Data aplikacˇ\mozilla\firefox\profiles\45gv6y2j.default\searchplugins\sweetim.xml
Successfully deleted: [Folder] C:\Documents and Settings\Dell\Data aplikacˇ\mozilla\firefox\profiles\45gv6y2j.default\sweetpackstoolbardata
Successfully deleted the following from C:\Documents and Settings\Dell\Data aplikacˇ\mozilla\firefox\profiles\45gv6y2j.default\prefs.js

user_pref("browser.search.defaulturl", "hxxp://search.sweetim.com/search.asp?src=2&q=");
user_pref("extensions.facemoods.aflt", "_#vsl");
user_pref("extensions.facemoods.firstRun", false);
user_pref("extensions.facemoods.lastActv", "1");
user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?barid={0A0B7290-E91D-11DF-A9F9-0060B3A117D3}&src=2&q=");
user_pref("sweetim.toolbar.RevertDialog.enable", "false");
user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
user_pref("sweetim.toolbar.Visibility.enable", "true");
user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
user_pref("sweetim.toolbar.cda.returnValue", "none");
user_pref("sweetim.toolbar.dialogs.0.enable", "true");
user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
user_pref("sweetim.toolbar.dialogs.0.height", "335");
user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote ... crg=$cargo;");
user_pref("sweetim.toolbar.dialogs.0.width", "761");
user_pref("sweetim.toolbar.dialogs.1.enable", "true");
user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
user_pref("sweetim.toolbar.dialogs.1.height", "300");
user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
user_pref("sweetim.toolbar.dialogs.1.width", "500");
user_pref("sweetim.toolbar.dialogs.2.enable", "true");
user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
user_pref("sweetim.toolbar.dialogs.2.height", "150");
user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
user_pref("sweetim.toolbar.dialogs.2.width", "530");
user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube
user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.mode.debug", "false");
user_pref("sweetim.toolbar.newtab.created", "false");
user_pref("sweetim.toolbar.newtab.enable", "true");
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "ICQ Search");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "ICQ Search");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://cs.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:cs:official");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolba ... crg=$cargo;");
user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
user_pref("sweetim.toolbar.scripts.0.enable", "false");
user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
user_pref("sweetim.toolbar.scripts.1.enable", "false");
user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
user_pref("sweetim.toolbar.scripts.2.callback", "");
user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
user_pref("sweetim.toolbar.scripts.2.enable", "false");
user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://sear
user_pref("sweetim.toolbar.search.history.capacity", "10");
user_pref("sweetim.toolbar.searchguard.enable", "false");
user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
user_pref("sweetim.toolbar.simapp_id", "{0A0B7290-E91D-11DF-A9F9-0060B3A117D3}");
user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
user_pref("sweetim.toolbar.version", "1.9.0.0");
Emptied folder: C:\Documents and Settings\Dell\Data aplikacˇ\mozilla\firefox\profiles\45gv6y2j.default\minidumps [4 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 06.05.2014 at 19:44:34,84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Here is the log from AdAware - on the first pass it somehow froze and did not restart, so I restarted it manually and found the log in the AdAware directory. I then ran it once more to be safe; I am attaching both logs:

# AdwCleaner v3.207 - Report created 06/05/2014 at 19:53:42
# Updated 05/05/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Dell - DELL-E0AD2D2379
# Running from : C:\Documents and Settings\Dell\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\SweetIM
Folder Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\ICQToolbarData
Folder Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\SweetIMToolbarData
Folder Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
[!] Folder Deleted : C:\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Documents and Settings\Dell\Nabídka Start\eBay.lnk
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin.gif
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin.src
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-10.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-11.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-12.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-13.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-14.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-15.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-16.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-17.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-18.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-19.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-20.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-21.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-22.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-23.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-24.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-25.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins\icqplugin-9.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{65C994A2-C65A-4A20-BA92-AADAFC0DCE49}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E7AD93B-3E87-423D-947F-A321FA7E31C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Documents and Settings\Dell\Dokumenty\Stažené soubory\SweetImSetup.exe]
Key Deleted : HKCU\Software\GamePlayLabs
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\ICQToolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\GamePlayLabs Plugin
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Prev Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Prev Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

Deleted [Homepage] : hxxp://start.facemoods.com/?a=vsl
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

*************************

AdwCleaner[R0].txt - [12896 octets] - [06/05/2014 19:51:50]
AdwCleaner[S0].txt - [12910 octets] - [06/05/2014 19:53:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12971 octets] ##########


# AdwCleaner v3.207 - Report created 06/05/2014 at 20:32:11
# Updated 05/05/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Dell - DELL-E0AD2D2379
# Running from : C:\Documents and Settings\Dell\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[!] Folder Deleted : C:\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v28.0 (cs)

-\\ Google Chrome v

[ File : C:\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12896 octets] - [06/05/2014 19:51:50]
AdwCleaner[R1].txt - [1181 octets] - [06/05/2014 20:31:06]
AdwCleaner[S0].txt - [13052 octets] - [06/05/2014 19:53:42]
AdwCleaner[S1].txt - [1111 octets] - [06/05/2014 20:32:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1171 octets] ##########

And here is the log from ZOE:


Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Dell on Łt 06.05.2014 at 20:46:26,39.
Systém Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Dell\Plocha\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

6.5.2014 20:50:11 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Suspicious Entries Found ======================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\System32\alg.exe
C:\totalcmd\TOTALCMD.EXE
C:\Documents and Settings\Dell\Plocha\zoek.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

"C:\WINDOWS\Installer\130aa56.msi" not found
C:\DOCUME~1\ALLUSE~1\DATAAP~1\ICQ deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\AVG January 2013 Campaign deleted

======== System Restore Points ========

RP382: 8.2.2014 18:46:02 - Kontrolní bod systému
RP383: 12.2.2014 18:40:04 - Sony PC Companion
RP384: 13.2.2014 11:12:21 - Software Distribution Service 3.0
RP385: 14.2.2014 18:11:59 - Kontrolní bod systému
RP386: 19.2.2014 10:36:55 - Kontrolní bod systému
RP387: 20.2.2014 20:57:26 - Kontrolní bod systému
RP388: 1.3.2014 19:40:51 - Kontrolní bod systému
RP389: 3.3.2014 20:35:24 - Kontrolní bod systému
RP390: 4.3.2014 21:26:42 - Kontrolní bod systému
RP391: 8.3.2014 10:54:43 - Software Distribution Service 3.0
RP392: 12.3.2014 19:56:09 - Kontrolní bod systému
RP393: 14.3.2014 11:33:28 - Software Distribution Service 3.0
RP394: 16.3.2014 22:13:36 - Kontrolní bod systému
RP395: 18.3.2014 11:07:07 - Kontrolní bod systému
RP396: 19.3.2014 11:54:39 - Software Distribution Service 3.0
RP397: 24.3.2014 21:48:53 - Kontrolní bod systému
RP398: 27.3.2014 20:40:01 - Kontrolní bod systému
RP399: 31.3.2014 10:26:33 - Kontrolní bod systému
RP400: 3.4.2014 20:17:56 - Kontrolní bod systému
RP401: 7.4.2014 20:44:39 - Kontrolní bod systému
RP402: 9.4.2014 19:14:33 - Sony PC Companion
RP403: 10.4.2014 11:47:38 - Software Distribution Service 3.0
RP404: 11.4.2014 20:53:19 - Kontrolní bod systému
RP405: 13.4.2014 19:50:41 - Kontrolní bod systému
RP406: 23.4.2014 20:38:58 - Kontrolní bod systému
RP407: 29.4.2014 21:25:51 - Kontrolní bod systému
RP408: 1.5.2014 10:55:20 - Kontrolní bod systému
RP409: 4.5.2014 11:47:57 - Software Distribution Service 3.0
RP410: 5.5.2014 21:30:13 - Kontrolní bod systému
RP411: 6.5.2014 20:50:11 - zoek.exe restore point

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [18.10.2013 21:14]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.cz/"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com/ie"
"Prev Search Page"="http://www.google.com"
"Prev Search Bar"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Prev Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Prev Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.cz/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search"
{462EFA37-BF12-4B93-BBEC-13CC0066E629} Google Url="http://www.google.com/search?q={searchT ... n-US&ie=utf8&oe=utf8"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\059103D1F2AE2884A90A9464776548A2 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D301950-EA2F-4882-9AA0-49467756842A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\059103D1F2AE2884A90A9464776548A2 deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O24 - Desktop Component 0: (no name) - http://imb.lide.cz/big/4c5c282176f95164 ... d=94649270

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Dell\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=26 folders=4 8852998 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Dell\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Dell\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on Łt 06.05.2014 at 21:01:19,62 ======================

Re: Request for a preventive check

Posted: 07 May 2014 04:49
by cernohous13
:???: How is the PC taking it?

:arrow: Give me a current RSIT log

Re: Request for a preventive check

Posted: 08 May 2014 09:35
by RomanL2
The PC is an amazing machine; the antivirus has just automatically updated itself to a newer version, and it took over 30 minutes, though I would say that in this case that is probably normal. :)
Here is the new log from RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Dell at 2014-05-08 09:40:01
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 16 GB (42%) free of 38 GB
Total RAM: 1015 MB (52% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1202660629-1454471165-682003330-1003Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1202660629-1454471165-682003330-1003UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-1454471165-682003330-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-1454471165-682003330-1003UA.job
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll [2003-05-15 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-10-15 938104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2008-08-04 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2008-08-04 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2008-08-04 114688]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-11-19 2598520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-08-04 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\Dell\Plocha\Janka\Sindicate\Launcher.exe"="C:\Documents and Settings\Dell\Plocha\Janka\Sindicate\Launcher.exe:*:Enabled:Launcher.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe"="C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine"
"C:\Program Files\AVG\AVG2012\avgnsx.exe"="C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2012\avgdiagex.exe"="C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostika 2012"
"C:\Program Files\AVG\AVG2012\avgemcx.exe"="C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Obecná kontrola pošty"
"C:\Documents and Settings\Dell\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Dell\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a61e3a50-65f4-11e1-ad8b-002719f2284b}]
shell\AutoRun\command - E:\Startme.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cbd32fe6-f772-11e0-aca4-0060b3a117d3}]
shell\AutoRun\command - E:\Startme.exe


======List of files/folders created in the last 1 months======

2014-05-06 20:56:43 ----A---- C:\WINDOWS\zoek-delete.exe
2014-05-06 20:56:42 ----D---- C:\WINDOWS\Temp
2014-05-06 20:46:20 ----D---- C:\zoek_backup
2014-05-06 19:52:18 ----A---- C:\WINDOWS\system32\sqlite3.dll
2014-05-06 19:51:46 ----D---- C:\AdwCleaner
2014-05-06 19:33:43 ----D---- C:\WINDOWS\ERUNT
2014-05-05 01:33:46 ----A---- C:\MBAM-log-2014-05-05 (01-33-20).txt
2014-05-04 17:49:02 ----D---- C:\Work
2014-05-04 17:43:49 ----D---- C:\Documents and Settings\Dell\Data aplikací\Malwarebytes
2014-05-04 17:42:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-05-04 17:42:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2014-05-04 13:04:28 ----D---- C:\Program Files\trend micro
2014-05-04 13:04:24 ----D---- C:\rsit
2014-05-04 12:42:27 ----D---- C:\Program Files\CCleaner
2014-05-03 18:42:43 ----D---- C:\WINDOWS\Minidump

======List of files/folders modified in the last 1 months======

2014-05-06 21:19:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-05-06 21:19:13 ----A---- C:\WINDOWS\wincmd.ini
2014-05-06 20:59:51 ----D---- C:\WINDOWS
2014-05-06 20:56:20 ----RD---- C:\Program Files
2014-05-06 20:46:27 ----D---- C:\WINDOWS\Prefetch
2014-05-06 20:46:22 ----D---- C:\WINDOWS\system32
2014-05-06 20:45:29 ----D---- C:\WINDOWS\system32\CatRoot2
2014-05-05 23:29:31 ----D---- C:\WINDOWS\system32\drivers
2014-05-05 20:59:16 ----D---- C:\WINDOWS\Registration
2014-05-04 12:49:42 ----D---- C:\Documents and Settings\Dell\Data aplikací\Skype
2014-05-04 12:47:24 ----D---- C:\WINDOWS\Debug
2014-05-04 12:07:38 ----HD---- C:\WINDOWS\inf
2014-05-04 12:07:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-05-04 12:06:55 ----D---- C:\WINDOWS\ie8updates
2014-04-30 10:12:55 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-04-13 21:04:38 ----D---- C:\Fotky
2014-04-10 11:53:57 ----D---- C:\WINDOWS\system32\MRT
2014-04-10 11:50:40 ----A---- C:\WINDOWS\system32\MRT.exe
2014-04-10 11:50:09 ----D---- C:\Program Files\Internet Explorer
2014-04-09 19:14:41 ----DC---- C:\WINDOWS\system32\DRVSTORE

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2012-11-08 250080]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2013-04-11 302368]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2008-08-04 13059]
R3 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [2012-12-10 142176]
R3 AVGIDSFilter;AVGIDSFilter; C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
R3 b57w2k;Broadcom NetXtreme 57xx Gigabit Controller; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2008-08-04 134272]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GTIPCI21;GTIPCI21; C:\WINDOWS\system32\DRIVERS\gtipci21.sys [2008-08-04 80384]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2008-08-04 1041536]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2008-08-04 200064]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2008-08-04 1049180]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2001-10-24 35913]
R3 STAC97;SigmaTel C-Major Audio; C:\WINDOWS\system32\drivers\STAC97.sys [2008-08-04 272568]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-03-18 30336]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2008-08-04 685056]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 NBXG3021;NB 802.11g XG302 SP1 Driver; C:\WINDOWS\system32\DRIVERS\wlanCIG.sys [2006-03-06 515616]
S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2007-05-14 445696]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1039bus.sys [2009-11-19 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys [2009-11-19 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1039mdm.sys [2009-11-19 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys [2009-11-19 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1039nd5.sys [2009-11-19 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1039obex.sys [2009-11-19 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1039unic.sys [2009-11-19 123504]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2013-10-16 5175856]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-30 119408]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Request for a preventive check

Posted: 08 May 2014 15:37
by cernohous13
Download OTM from one of the links and unpack it, preferably to the desktop.
http://oldtimer.geekstogo.com/OTM.exe
http://www.itxassociates.com/OT-Tools/OTM.exe

Run "OTM.exe" (on Vista and Win7: right-click and "Run As Administrator").
Paste the entire text in green from the "Script" into the window below the yellow line.

Click the red "MoveIt!"

When offered a restart, choose "YES"
and you will then find the log in C:\_OTM\MovedFiles\ - post it here for me to check
OTM script

Code:

:Commands
[resethosts]
[emptytemp]
[emptyflash]
[emptyjava]
[clearallrestorepoints]

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1202660629-1454471165-682003330-1003Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1202660629-1454471165-682003330-1003UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-1454471165-682003330-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-1454471165-682003330-1003UA.job
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
C:\WINDOWS\zoek-delete.exe
C:\zoek_backup
C:\AdwCleaner

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a61e3a50-65f4-11e1-ad8b-002719f2284b}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cbd32fe6-f772-11e0-aca4-0060b3a117d3}]

Re: Request for a preventive check

Posted: 08 May 2014 18:42
by RomanL2
Here is the OTM log:

All processes killed
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Dell
->Temp folder emptied: 14156 bytes
->Temporary Internet Files folder emptied: 1623133 bytes
->FireFox cache emptied: 432261256 bytes
->Google Chrome cache emptied: 13693697 bytes
->Flash cache emptied: 523 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 895 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 220096002 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 67 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 637,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: Dell
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default User

User: Dell

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0,00 mb


Restore point Set: OTM Restore Point
========== FILES ==========
C:\WINDOWS\system32\_000125_.tmp.dll moved successfully.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP138.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP15B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1D9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1F7.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP215.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP23A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2F5.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP302.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3EA.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP41F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP500.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E1.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5EF.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6E4.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6F9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP734.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP74A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP900.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP924.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP94F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA25.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF5.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI13.tmp moved successfully.
C:\WINDOWS\Installer\MSI2E.tmp moved successfully.
C:\WINDOWS\Installer\MSI36.tmp moved successfully.
C:\WINDOWS\Installer\MSI3B.tmp moved successfully.
C:\WINDOWS\Installer\MSI3D.tmp moved successfully.
C:\WINDOWS\Installer\MSI7.tmp moved successfully.
C:\WINDOWS\Installer\MSIE.tmp moved successfully.
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1202660629-1454471165-682003330-1003Core.job moved successfully.
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1202660629-1454471165-682003330-1003UA.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-1454471165-682003330-1003Core.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-1454471165-682003330-1003UA.job moved successfully.
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job moved successfully.
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job moved successfully.
C:\WINDOWS\zoek-delete.exe moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1_DATAAP~1_ICQ\ICQNewTab\img folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1_DATAAP~1_ICQ\ICQNewTab folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1_DATAAP~1_ICQ folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1_DATAAP~1_AVG January 2013 Campaign folder moved successfully.
C:\zoek_backup folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Nabídka Start folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\zh_TW folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\zh_CN folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\tr folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\sr folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\sk folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\ru folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\pt_PT folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\pt_BR folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\pl folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\nl folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\ko folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\ja folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\it folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\id folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\hu folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\fr folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\es_419 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\es folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\en folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\de folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\da folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\cs folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\lib folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\js folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\css folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data\Default folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome\User Data folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google\Chrome folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací\Google folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings\Data aplikací folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Local Settings folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\searchplugins folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\ICQToolbarData folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\search_engine folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\META-INF folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\defaults\preferences folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\defaults folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\components folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\skin folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\tr folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\sk folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\ru folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\it folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\he folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\fr folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\es folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\en-US folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\de folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\cs folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\bg folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\content\img folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\content folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07} folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default\Extensions folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací\Mozilla folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell\Data aplikací folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dell folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\data\contentdb folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\data\Bars\Default folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\data\Bars folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\data folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\conf\users\469196125 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\conf\users folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\conf folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\SweetIM folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar\XML\TR folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar\XML\SK folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar\XML\RU folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar\XML\IT folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar\XML\HE folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar\XML\FR folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar\XML\ES folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar\XML\EN folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar\XML\DE folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar\XML\BG folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar\XML folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\ICQ folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings folder moved successfully.
C:\AdwCleaner\Quarantine\C folder moved successfully.
C:\AdwCleaner\Quarantine folder moved successfully.
C:\AdwCleaner\Backup\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles\45gv6y2j.default folder moved successfully.
C:\AdwCleaner\Backup\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox\Profiles folder moved successfully.
C:\AdwCleaner\Backup\C\Documents and Settings\Dell\Data aplikací\Mozilla\Firefox folder moved successfully.
C:\AdwCleaner\Backup\C\Documents and Settings\Dell\Data aplikací\Mozilla folder moved successfully.
C:\AdwCleaner\Backup\C\Documents and Settings\Dell\Data aplikací folder moved successfully.
C:\AdwCleaner\Backup\C\Documents and Settings\Dell folder moved successfully.
C:\AdwCleaner\Backup\C\Documents and Settings folder moved successfully.
C:\AdwCleaner\Backup\C folder moved successfully.
C:\AdwCleaner\Backup folder moved successfully.
C:\AdwCleaner folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a61e3a50-65f4-11e1-ad8b-002719f2284b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a61e3a50-65f4-11e1-ad8b-002719f2284b}\ not found.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cbd32fe6-f772-11e0-aca4-0060b3a117d3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cbd32fe6-f772-11e0-aca4-0060b3a117d3}\ not found.

OTM by OldTimer - Version 3.1.21.0 log created on 05082014_192352

Files moved on Reboot...

Registry entries deleted on Reboot...

Re: Request for a preventive check

Posted: 09 May 2014 05:38
by cernohous13
:arrow: Run OTM again -> CleanUp! - it will uninstall itself and clean up after itself.

:arrow: I can recommend a check and cleanup with CCleaner
Download CCleaner - http://www.filehippo.com/download_ccleaner
During installation, untick the checkbox for the offered toolbars
You can set the language you need
close the Internet browser and
run "Cleaner" > "Run Cleaner" - it removes what is not needed
run "Registry" > "Scan for Issues" > "Fix selected issues"
agree to the registry backup - repeat until the registry is clean.
run "Tools" > "Startup" - here you can try disabling processes you do not need at startup (if something stopped working afterwards, you re-enable them the same way)


Guide: http://jnp.zive.cz/Clanky/Prirucka-do-k ... fault.aspx
You can keep it for occasional cleaning in the future as well.

:arrow: After the cleanup, a defragmentation would be useful
http://www.filehippo.com/download_defraggler

And if there are no problems, we are at the finish :wink:

Re: Request for a preventive check

Posted: 15 May 2014 06:33
by RomanL2
The PC is old and slow, but otherwise it seems to be fine. I apologize for the late reply; my friend has already taken the notebook away and I forgot to say thanks from the other PC, so I am doing so now. Thank you for the help. Lately I have been using your forum's help more often, because since the end of Windows XP support all my acquaintances bring me their PCs "for a check", and most of them have not touched any maintenance for at least two years, so it is quite demanding, and without your help I probably would not have managed much. So thank you once again. :)

Re: Request for a preventive check

Posted: 15 May 2014 14:47
by cernohous13
The end of XP support is not the end of the immortal OS :D just today they wanted to check it with their antivirus tool, and during the week they updated IE security :wink:

You're welcome - we are here next time too :fez: