Kontrola logu

Zpráva

Gabo · #1 Příspěvek od **Gabo** » 30 čer 2014 14:03

Zdravim, pc ide dobre, ale vzdy ked pridem na youtube a chcem si pozriet nejake video, tak sa mi zasekne cela stranka a cez spravcu systemu windows vidim, ze "strankovanie" vyskocilo o dost vysoko (viac, ako byvalo predtym zvykom). Potom to sa to odsekne a funguje vsetko. Internet mam velmi rychly. Na inych strankach takyto problem nemam. Pri vypinani Opery vela krat cakat este aj 5 minut, kym sa Opera vypne. Dalo by sa to nejako precistit (ccleaner pouzivam pravidelne) ?

Dakujem

Logfile of random's system information tool 1.09 (written by random/random)
Run by Gabriel at 2014-06-30 14:57:02
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 68 GB (45%) free of 153 GB
Total RAM: 1021 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:57:42, on 30.6.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\sttray.exe
C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
C:\Program Files\Philips Display\SmartControl II\DTHtml.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\Gabriel\Local Settings\Application Data\VNT\vntldr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Settings Manager\systemk\SystemkService.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Settings Manager\systemk\SystemkService.exe
C:\Program Files\Settings Manager\systemk\systemku.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Gabriel\Desktop\BEZPEČNOSŤ\RSIT.exe
C:\Program Files\trend micro\Gabriel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net?sid=503&a ... 92&src=hmp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Linkey - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\DOCUME~1\Gabriel\LOCALS~1\APPLIC~1\Linkey\IEEXTE~1\iedll.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [DT PHL] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -PHL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [VNT] C:\Program Files\VNT\vntldr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON SX125 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE /FU "C:\WINDOWS\TEMP\E_SF0.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7923229796
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\DOCUME~1\Gabriel\LOCALS~1\APPLIC~1\Linkey\IEEXTE~1\iedll.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: Systemk Service (SystemkService) - Aztec Media Inc - C:\Program Files\Settings Manager\systemk\SystemkService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 6975 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1397242596.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}]
Linkey - C:\DOCUME~1\Gabriel\LOCALS~1\APPLIC~1\Linkey\IEEXTE~1\iedll.dll [2014-06-01 175632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-07 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-06-26 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-07 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"=C:\WINDOWS\sttray.exe [2006-05-26 282624]
"DT PHL"=C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe [2009-10-08 86016]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-15 98304]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-06-26 4086432]
"VNT"=C:\Program Files\VNT\vntldr.exe [2014-02-13 195536]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-05-07 256896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"EPSON SX125 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE [2009-09-14 200704]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-05-08 21444224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PivotSoftware]
C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe [2009-03-03 694824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\DOCUME~1\Gabriel\LOCALS~1\APPLIC~1\Linkey\IEEXTE~1\iedll.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2012-08-16 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application"
"C:\Documents and Settings\Gabriel\Application Data\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Gabriel\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Program Files\Steam\SteamApps\common\Mafia II\pc\mafia2.exe"="C:\Program Files\Steam\SteamApps\common\Mafia II\pc\mafia2.exe:*:Enabled:Mafia II"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.divxa32"=msaud32_divx.acm
"msacm.ac3filter"=ac3filter.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-06-29 23:27:52 ----A---- C:\WINDOWS\system32\javaws.exe
2014-06-29 23:27:44 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-06-29 23:27:44 ----A---- C:\WINDOWS\system32\javaw.exe
2014-06-29 23:27:44 ----A---- C:\WINDOWS\system32\java.exe
2014-06-29 23:22:28 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-28 22:11:11 ----D---- C:\Program Files\Settings Manager
2014-06-28 22:11:02 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\systemk
2014-06-28 22:10:29 ----D---- C:\Documents and Settings\Gabriel\Application Data\OpenCandy
2014-06-26 22:40:34 ----D---- C:\WINDOWS\jumpshot.com
2014-06-26 22:29:58 ----A---- C:\WINDOWS\avastSS.scr
2014-06-13 09:53:59 ----D---- C:\UpdateChromeLinksLogs
2014-06-13 09:53:48 ----A---- C:\WINDOWS\system32\mfc71.dll
2014-06-13 09:53:48 ----A---- C:\WINDOWS\system32\gdiplus.dll

======List of files/folders modified in the last 1 month======

2014-06-30 14:57:30 ----D---- C:\Program Files\Trend Micro
2014-06-30 14:57:20 ----D---- C:\Documents and Settings\Gabriel\Application Data\Skype
2014-06-30 11:35:09 ----D---- C:\WINDOWS\Temp
2014-06-30 00:32:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-06-29 23:27:59 ----SHD---- C:\WINDOWS\Installer
2014-06-29 23:27:59 ----HD---- C:\Config.Msi
2014-06-29 23:27:52 ----D---- C:\WINDOWS\system32
2014-06-29 23:27:42 ----D---- C:\Program Files\Java
2014-06-29 23:25:02 ----D---- C:\WINDOWS\Prefetch
2014-06-29 23:23:13 ----D---- C:\WINDOWS
2014-06-29 23:22:26 ----D---- C:\Program Files\Eusing Free Registry Cleaner
2014-06-29 23:12:58 ----D---- C:\Program Files\CCleaner
2014-06-29 22:18:40 ----D---- C:\FFOutput
2014-06-29 16:19:38 ----A---- C:\WINDOWS\AviSplitter.INI
2014-06-29 01:19:25 ----D---- C:\WINDOWS\system32\CatRoot2
2014-06-28 22:11:41 ----D---- C:\Program Files
2014-06-26 22:39:39 ----D---- C:\WINDOWS\system32\config
2014-06-26 22:30:43 ----SD---- C:\WINDOWS\Tasks
2014-06-26 22:29:58 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-06-23 14:57:34 ----D---- C:\Program Files\Opera
2014-06-21 23:05:55 ----AD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2014-06-21 23:05:52 ----D---- C:\Program Files\SpywareBlaster
2014-06-18 11:44:14 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-06-15 14:12:38 ----D---- C:\Program Files\SUPERAntiSpyware
2014-06-13 09:55:12 ----RD---- C:\Program Files\Skype
2014-06-12 00:14:00 ----D---- C:\WINDOWS\Debug
2014-06-11 23:11:26 ----D---- C:\WINDOWS\system32\MRT
2014-06-11 23:08:02 ----A---- C:\WINDOWS\system32\MRT.exe
2014-06-08 13:50:59 ----D---- C:\Program Files\AskPartnerNetwork
2014-06-06 14:00:28 ----RSD---- C:\WINDOWS\assembly
2014-06-06 13:59:24 ----RSD---- C:\WINDOWS\Fonts
2014-06-06 13:59:24 ----D---- C:\Program Files\OpenOffice 4
2014-06-06 12:03:25 ----D---- C:\Documents and Settings\Gabriel\Application Data\Dropbox
2014-06-06 10:02:12 ----D---- C:\Documents and Settings\Gabriel\Application Data\DropboxMaster
2014-06-04 10:57:51 ----D---- C:\Program Files\Common Files
2014-06-04 10:55:43 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Western Digital

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-06-26 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-06-26 192352]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2014-06-26 55112]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-06-26 779536]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-06-26 414392]
R1 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2014-06-26 57800]
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files\Settings Manager\systemk\systemkmgrc2.cfg []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Pivot;Pivot; C:\WINDOWS\System32\drivers\pivot.sys [2009-03-03 17465]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-06-26 24184]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-06-26 67824]
R2 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2012-06-03 5504]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2012-08-16 6810624]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2012-02-23 99856]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2006-01-12 163328]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 PdiPorts;Portrait Displays low level device driver; C:\WINDOWS\System32\Drivers\PdiPorts.sys [2009-07-15 17136]
R3 pivotmou;Pivot Mouse/Pointers Filter Driver; \??\C:\WINDOWS\system32\drivers\pivotmou.sys []
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-05-26 1177032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 anvsnddrv;AnvSoft Virtual Sound Device; C:\WINDOWS\system32\drivers\anvsnddrv.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2013-01-31 83168]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\WINDOWS\system32\drivers\sfng32.sys [2005-12-03 41728]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2013-01-31 181344]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2013-06-05 13464]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WinUSB;SAMSUNG Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2012-08-16 643072]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-06-26 50344]
R2 DTSRVC;Portrait Displays Display Tune Service; C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [2009-10-08 69632]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-05-07 182696]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2009-07-15 109168]
R2 STacSV;SigmaTel Audio Service; C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe [2006-05-26 86016]
R2 SystemkService;Systemk Service; C:\Program Files\Settings Manager\systemk\SystemkService.exe [2014-06-11 3572240]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2013-08-27 93072]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-18 262320]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **cernohous13** » 30 čer 2014 15:00

Zdravím,

Stáhni Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Ulož jej na plochu a spusť - zobrazí se licenční podminky -> start libovolnou klávesou.
Bude vytvořena záloha a proběhne skenování.
Vyskočí log (nebo je uložen zde c:\JRT jako JRT.txt) - zkopíruj jej sem

Stáhni AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Ulož nejlépe na plochu -> ukonči všechny programy -> spusť AdwCleaner -> klikni na Scan po dokončení na Clean
bude provedena oprava, restartuje se - (případně restartuj) a vypadne log C:\AdwCleaner\AdwCleaner[S?].txt , jeho obsah vložíš sem

pravděpodobně budeš nucen vypnout na tu chvíli antivir - je to čisté, prověřeno

vyosek píše: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Po spuštění do okna vlozte skript nize
Kód: Vybrat vše
srinfo;
autoclean;
emptyclsid;
iedefaults;
process;
hijackthis;
emptyalltemp;
resethosts;
Nasledne kliknete na Run Script

PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Log bude zde C:\zoek-results.log

Gabo · #3 Příspěvek od **Gabo** » 30 čer 2014 16:21

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by Gabriel on po 30.06.2014 at 16:16:03,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_local_machine\software\askpartnernetwork"

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Gabriel\Application Data\opencandy"
Successfully deleted: [Folder] "C:\Program Files\eusing free registry cleaner"
Successfully deleted: [Folder] "C:\Documents and Settings\Gabriel\start menu\programs\free registry cleaner"
Successfully deleted: [Folder] "C:\Program Files\askpartnernetwork"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 30.06.2014 at 16:26:04,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.214 - Report created 30/06/2014 at 16:41:31
# Updated 29/06/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Gabriel - GABRIELN
# Running from : C:\Documents and Settings\Gabriel\Desktop\adwcleaner_3.214.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622
[#] Service Deleted : SystemkService

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Application Data\AskPartnerNetwork
[!] Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Application Data\systemk
[!] Folder Deleted : C:\Program Files\Settings Manager
Folder Deleted : C:\Program Files\VNT
Folder Deleted : C:\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\Gabriel\Local Settings\Application Data\Linkey
Folder Deleted : C:\Documents and Settings\Gabriel\Local Settings\Application Data\VNT

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Key Deleted : HKLM\SOFTWARE\Classes\Linkey.Linkey
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VNT]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\SystemK
Key Deleted : HKLM\Software\Linkey
Key Deleted : HKLM\Software\SystemK
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\DOCUME~1\Gabriel\LOCALS~1\APPLIC~1\Linkey\IEEXTE~1\iedll.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v34.0.1847.116

[ File : C:\Documents and Settings\Gabriel\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://www.default-search.net/search?sid=503&a ... earchTerms}
Deleted [Startup_urls] : hxxp://www.default-search.net?sid=503&aid=100& ... 92&src=hmp
Deleted [Homepage] : hxxp://www.default-search.net?sid=503&aid=100& ... 92&src=hmp

*************************

AdwCleaner[R0].txt - [6511 octets] - [30/06/2014 16:40:19]
AdwCleaner[S0].txt - [5871 octets] - [30/06/2014 16:41:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5931 octets] ##########

Zoek.exe v5.0.0.0 Updated 28-06-2014
Tool run by Gabriel on po 30.06.2014 at 16:49:32,35.
Systém Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Gabriel\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

30.6.2014 16:51:46 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1645522239-1417001333-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} deleted successfully

==== Running Processes ======================

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\sttray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Philips Display\SmartControl II\DTHtml.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Gabriel\Desktop\zoek.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\found.000 deleted
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple deleted
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Package Cache deleted
C:\Documents and Settings\Gabriel\Application Data\Mozilla\Extensions\speedtestanalysis@SpeedAnalysis.com deleted
"C:\Documents and Settings\Gabriel\Application Data\Zoner" deleted

======== System Restore Points ========

RP34: 31.3.2014 16:08:15 - Kontrolný bod systému
RP35: 1.4.2014 16:40:51 - Kontrolný bod systému
RP36: 2.4.2014 17:08:55 - Kontrolný bod systému
RP37: 3.4.2014 19:21:38 - Kontrolný bod systému
RP38: 4.4.2014 19:42:00 - Kontrolný bod systému
RP39: 5.4.2014 21:41:27 - Kontrolný bod systému
RP40: 6.4.2014 22:29:58 - Kontrolný bod systému
RP41: 8.4.2014 19:19:04 - Kontrolný bod systému
RP42: 9.4.2014 17:12:34 - Software Distribution Service 3.0
RP43: 10.4.2014 19:14:14 - Kontrolný bod systému
RP44: 11.4.2014 19:50:09 - Kontrolný bod systému
RP45: 13.4.2014 14:29:27 - Kontrolný bod systému
RP46: 14.4.2014 15:18:40 - Kontrolný bod systému
RP47: 15.4.2014 16:13:07 - Kontrolný bod systému
RP48: 16.4.2014 16:50:18 - Kontrolný bod systému
RP49: 17.4.2014 17:32:35 - Kontrolný bod systému
RP50: 18.4.2014 0:29:03 - avast! antivirus system restore point
RP51: 21.4.2014 15:48:00 - Kontrolný bod systému
RP52: 22.4.2014 17:00:40 - Kontrolný bod systému
RP53: 23.4.2014 17:56:45 - Kontrolný bod systému
RP54: 24.4.2014 18:42:24 - Kontrolný bod systému
RP55: 25.4.2014 19:38:42 - Kontrolný bod systému
RP56: 29.4.2014 12:57:18 - Kontrolný bod systému
RP57: 30.4.2014 13:24:54 - Kontrolný bod systému
RP58: 1.5.2014 14:39:58 - Kontrolný bod systému
RP59: 1.5.2014 15:42:45 - WD SmartWare Installer
RP60: 1.5.2014 15:48:23 - WD SmartWare Installer
RP61: 2.5.2014 16:22:05 - Kontrolný bod systému
RP62: 3.5.2014 0:00:29 - Software Distribution Service 3.0
RP63: 4.5.2014 11:42:41 - Kontrolný bod systému
RP64: 5.5.2014 10:34:57 - avast! antivirus system restore point
RP65: 6.5.2014 11:01:17 - Kontrolný bod systému
RP66: 7.5.2014 12:18:22 - Kontrolný bod systému
RP67: 8.5.2014 22:04:08 - Installed Java 7 Update 55
RP68: 10.5.2014 11:36:33 - Kontrolný bod systému
RP69: 11.5.2014 17:47:41 - Kontrolný bod systému
RP70: 12.5.2014 17:55:01 - Kontrolný bod systému
RP71: 13.5.2014 18:21:55 - Kontrolný bod systému
RP72: 14.5.2014 19:00:47 - Kontrolný bod systému
RP73: 15.5.2014 10:59:44 - Software Distribution Service 3.0
RP74: 15.5.2014 13:28:06 - Nainštalovaný ovládač tlačiarne Foxit Reader PDF Printer Driver
RP75: 15.5.2014 23:21:05 - Removed QuickTime 7
RP76: 17.5.2014 11:42:15 - Kontrolný bod systému
RP77: 18.5.2014 12:03:19 - Kontrolný bod systému
RP78: 19.5.2014 11:15:04 - Removed SlimComputer
RP79: 19.5.2014 11:15:15 - Removed Ask Toolbar
RP80: 21.5.2014 17:51:56 - Kontrolný bod systému
RP81: 22.5.2014 18:30:20 - Kontrolný bod systému
RP82: 24.5.2014 13:15:03 - Kontrolný bod systému
RP83: 25.5.2014 13:55:46 - Kontrolný bod systému
RP84: 26.5.2014 16:35:45 - Kontrolný bod systému
RP85: 27.5.2014 17:59:16 - Kontrolný bod systému
RP86: 3.6.2014 9:09:07 - Kontrolný bod systému
RP87: 4.6.2014 10:42:58 - Kontrolný bod systému
RP88: 4.6.2014 10:54:08 - Removed WD SmartWare
RP89: 4.6.2014 10:57:43 - Removed WD Quick View
RP90: 6.6.2014 13:57:13 - Odstránený OpenOffice 4.0.0
RP91: 6.6.2014 13:58:56 - Installed OpenOffice 4.1.0
RP92: 8.6.2014 15:18:33 - Kontrolný bod systému
RP93: 9.6.2014 15:55:04 - Kontrolný bod systému
RP94: 10.6.2014 18:38:49 - Kontrolný bod systému
RP95: 11.6.2014 18:51:05 - Kontrolný bod systému
RP96: 11.6.2014 23:06:38 - Software Distribution Service 3.0
RP97: 13.6.2014 9:55:09 - Removed Skype Click to Call
RP98: 14.6.2014 13:47:18 - Kontrolný bod systému
RP99: 15.6.2014 14:47:30 - Kontrolný bod systému
RP100: 17.6.2014 13:50:50 - Kontrolný bod systému
RP101: 18.6.2014 19:16:44 - Kontrolný bod systému
RP102: 19.6.2014 20:10:42 - Kontrolný bod systému
RP103: 21.6.2014 16:19:19 - Kontrolný bod systému
RP104: 22.6.2014 19:14:12 - Kontrolný bod systému
RP105: 23.6.2014 23:20:14 - Kontrolný bod systému
RP106: 25.6.2014 18:28:50 - Kontrolný bod systému
RP107: 26.6.2014 18:35:57 - Kontrolný bod systému
RP108: 26.6.2014 22:26:41 - avast! antivirus system restore point
RP109: 27.6.2014 23:05:09 - Kontrolný bod systému
RP110: 29.6.2014 12:27:21 - Kontrolný bod systému
RP111: 29.6.2014 23:27:02 - Installed Java 7 Update 60
RP112: 30.6.2014 16:51:46 - zoek.exe restore point

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [26.06.2014 22:30]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\admin\Application Data\TomTom\HOME\Profiles\kc6qjwo2.default
- Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.8.080.9662@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.9.053.520930@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.9.057.562242@tomtom.com

ProfilePath: C:\Documents and Settings\Gabriel\Application Data\TomTom\HOME\Profiles\b108xpb9.default
- Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.8.080.9662@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.9.057.562242@tomtom.com

ProfilePath: C:\Documents and Settings\Gabriel\Application Data\TomTom\HOME\Profiles\nhsdh1yt.default
- Emulator - %ProfilePath%\extensions\Navcore.8.080.9662@tomtom(2).com

AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aaaajepeddfdaihpmdgnickofffkdlpb - No path found[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[26.06.2014 22:29]

Chrome YouTube Downloader - Gabriel\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaajepeddfdaihpmdgnickofffkdlpb deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [DT PHL] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -PHL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON SX125 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE /FU "C:\WINDOWS\TEMP\E_SF0.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7923229796
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

==== Empty IE Cache ======================

C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Gabriel\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Documents and Settings\Gabriel\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=46 folders=20 73079293 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\admin\Local Settings\temp emptied successfully
C:\Documents and Settings\Administrator\Local Settings\temp emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully
C:\Documents and Settings\Default User.WINDOWS\Local Settings\Temp emptied successfully
C:\Documents and Settings\Gabriel\Local Settings\Temp will be emptied at reboot
C:\Documents and Settings\LocalService\Local Settings\temp emptied successfully
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temp emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\temp emptied successfully
C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Gabriel\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Gabriel\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on po 30.06.2014 at 17:14:30,67 ======================

#4 Příspěvek od **cernohous13** » 30 čer 2014 17:01

Výborně

Stáhni a nainstaluj MBAM zde http://www.bleepingcomputer.com/downloa ... i-malware/ verzi 1.75
Spustit > na 3.záložce "Aktualizace" > Kontrola aktualizací
následně na 1.záložce "Kontrolor" -> Úplná kontrola -> Prohledat
po dokončení scanu vyskočí okno Notepad s výsledkem - obsah zkopíruj do své odpovědi
zatím nic nemazat - počkej na posouzení a program nech zatím spuštěný

Gabo · #5 Příspěvek od **Gabo** » 30 čer 2014 19:39

Vysledok:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verzia databázy: v2014.06.30.09

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Gabriel :: GABRIELN [administrátor]

30.6.2014 18:47:00
MBAM-log-2014-06-30 (20-38-06).txt

Typ kontroly: Úplná kontrola (C:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 577293
Uplynutý čas: 1 hod, 50 min, 54 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 2
HKLM\SOFTWARE\SystemK (PUP.Optional.SystemK.A) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\SystemK\General (PUP.Optional.SettingsManager.A) -> Žiadna úloha nevykonaná.

Detegované registračné hodnoty: 1
HKLM\SOFTWARE\SystemK|browser (PUP.Optional.SettingsManager.A) -> Dáta: ie ff cr -> Žiadna úloha nevykonaná.

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 21
C:\AdwCleaner\Quarantine\C\Documents and Settings\Gabriel\Local Settings\Application Data\Linkey\Helper.dll.vir (PUP.Optional.AztecMedia.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Gabriel\Local Settings\Application Data\Linkey\LinkeyDeals.exe.vir (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Gabriel\Local Settings\Application Data\Linkey\Uninstall.exe.vir (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Gabriel\Local Settings\Application Data\Linkey\IEExtension\iedll.dll.vir (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Gabriel\Local Settings\Application Data\Linkey\IEExtension\iedll64.dll.vir (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{8E2B6774-B028-4F95-87DC-DFEDAF1E4009}\RP109\A0018990.exe (PUP.Optional.OpenCandy.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{8E2B6774-B028-4F95-87DC-DFEDAF1E4009}\RP111\A0019520.exe (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{8E2B6774-B028-4F95-87DC-DFEDAF1E4009}\RP111\A0019401.exe (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{8E2B6774-B028-4F95-87DC-DFEDAF1E4009}\RP111\A0019402.exe (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{8E2B6774-B028-4F95-87DC-DFEDAF1E4009}\RP111\A0019512.dll (PUP.Optional.AztecMedia.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{8E2B6774-B028-4F95-87DC-DFEDAF1E4009}\RP111\A0019513.exe (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{8E2B6774-B028-4F95-87DC-DFEDAF1E4009}\RP111\A0019514.exe (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{8E2B6774-B028-4F95-87DC-DFEDAF1E4009}\RP111\A0019515.dll (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{8E2B6774-B028-4F95-87DC-DFEDAF1E4009}\RP111\A0019516.dll (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{8E2B6774-B028-4F95-87DC-DFEDAF1E4009}\RP111\A0019521.exe (PUP.Optional.Linkey.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{8E2B6774-B028-4F95-87DC-DFEDAF1E4009}\RP111\A0019522.exe (PUP.Optional.SystemK.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{8E2B6774-B028-4F95-87DC-DFEDAF1E4009}\RP111\A0019523.exe (PUP.Optional.SystemK.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{8E2B6774-B028-4F95-87DC-DFEDAF1E4009}\RP111\A0019524.cfg (PUP.Optional.SystemK.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{8E2B6774-B028-4F95-87DC-DFEDAF1E4009}\RP111\A0019525.dll (PUP.Optional.SystemK.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{8E2B6774-B028-4F95-87DC-DFEDAF1E4009}\RP111\A0019526.dll (PUP.Optional.SystemK.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{8E2B6774-B028-4F95-87DC-DFEDAF1E4009}\RP74\A0014521.EXE (PUP.Optional.OpenCandy) -> Žiadna úloha nevykonaná.

(koniec)

#6 Příspěvek od **cernohous13** » 01 črc 2014 06:38

v MBAM nech vše odstranit a dej mi nový RSIT

Gabo · #7 Příspěvek od **Gabo** » 01 črc 2014 15:44

Logfile of random's system information tool 1.09 (written by random/random)
Run by Gabriel at 2014-07-01 16:43:33
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 68 GB (45%) free of 153 GB
Total RAM: 1021 MB (15% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:43:47, on 1.7.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\sttray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Philips Display\SmartControl II\DTHtml.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Gabriel\Desktop\BEZPEČNOSŤ\RSIT.exe
C:\Program Files\trend micro\Gabriel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [DT PHL] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -PHL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON SX125 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE /FU "C:\WINDOWS\TEMP\E_SF0.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7923229796
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 6375 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1397242596.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-07 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-06-26 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-07 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"=C:\WINDOWS\sttray.exe [2006-05-26 282624]
"DT PHL"=C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe [2009-10-08 86016]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-15 98304]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-06-26 4086432]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-05-07 256896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"EPSON SX125 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE [2009-09-14 200704]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-05-08 21444224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PivotSoftware]
C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe [2009-03-03 694824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2012-08-16 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application"
"C:\Documents and Settings\Gabriel\Application Data\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Gabriel\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Program Files\Steam\SteamApps\common\Mafia II\pc\mafia2.exe"="C:\Program Files\Steam\SteamApps\common\Mafia II\pc\mafia2.exe:*:Enabled:Mafia II"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.divxa32"=msaud32_divx.acm
"msacm.ac3filter"=ac3filter.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-06-30 18:13:30 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-06-30 17:12:50 ----A---- C:\WINDOWS\zoek-delete.exe
2014-06-30 17:12:49 ----D---- C:\WINDOWS\Temp
2014-06-30 16:49:23 ----D---- C:\zoek_backup
2014-06-30 16:41:13 ----A---- C:\WINDOWS\system32\sqlite3.dll
2014-06-30 16:40:16 ----D---- C:\AdwCleaner
2014-06-29 23:27:52 ----A---- C:\WINDOWS\system32\javaws.exe
2014-06-29 23:27:44 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-06-29 23:27:44 ----A---- C:\WINDOWS\system32\javaw.exe
2014-06-29 23:27:44 ----A---- C:\WINDOWS\system32\java.exe
2014-06-29 23:22:28 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-28 22:11:02 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\systemk
2014-06-26 22:40:34 ----D---- C:\WINDOWS\jumpshot.com
2014-06-26 22:29:58 ----A---- C:\WINDOWS\avastSS.scr
2014-06-13 09:53:59 ----D---- C:\UpdateChromeLinksLogs
2014-06-13 09:53:48 ----A---- C:\WINDOWS\system32\mfc71.dll
2014-06-13 09:53:48 ----A---- C:\WINDOWS\system32\gdiplus.dll

======List of files/folders modified in the last 1 month======

2014-07-01 16:43:38 ----D---- C:\Program Files\Trend Micro
2014-07-01 16:43:25 ----D---- C:\WINDOWS\Prefetch
2014-07-01 16:41:51 ----D---- C:\Documents and Settings\Gabriel\Application Data\Skype
2014-07-01 01:16:40 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-06-30 23:35:38 ----RSD---- C:\WINDOWS\assembly
2014-06-30 23:35:37 ----D---- C:\WINDOWS\system32\drivers
2014-06-30 18:13:38 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2014-06-30 17:14:17 ----D---- C:\WINDOWS
2014-06-30 17:12:57 ----D---- C:\WINDOWS\system32\config
2014-06-30 17:12:30 ----D---- C:\Program Files
2014-06-30 16:51:56 ----D---- C:\WINDOWS\system32\drivers\etc
2014-06-30 16:49:24 ----D---- C:\WINDOWS\system32
2014-06-30 16:15:58 ----D---- C:\WINDOWS\ERUNT
2014-06-29 23:27:59 ----SHD---- C:\WINDOWS\Installer
2014-06-29 23:27:59 ----HD---- C:\Config.Msi
2014-06-29 23:27:42 ----D---- C:\Program Files\Java
2014-06-29 23:12:58 ----D---- C:\Program Files\CCleaner
2014-06-29 22:18:40 ----D---- C:\FFOutput
2014-06-29 16:19:38 ----A---- C:\WINDOWS\AviSplitter.INI
2014-06-29 01:19:25 ----D---- C:\WINDOWS\system32\CatRoot2
2014-06-26 22:30:43 ----SD---- C:\WINDOWS\Tasks
2014-06-26 22:29:58 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-06-23 14:57:34 ----D---- C:\Program Files\Opera
2014-06-21 23:05:55 ----AD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2014-06-21 23:05:52 ----D---- C:\Program Files\SpywareBlaster
2014-06-18 11:44:14 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-06-15 14:12:38 ----D---- C:\Program Files\SUPERAntiSpyware
2014-06-13 09:55:12 ----RD---- C:\Program Files\Skype
2014-06-13 09:55:12 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype
2014-06-12 00:14:00 ----D---- C:\WINDOWS\Debug
2014-06-11 23:11:26 ----D---- C:\WINDOWS\system32\MRT
2014-06-11 23:08:02 ----A---- C:\WINDOWS\system32\MRT.exe
2014-06-06 13:59:24 ----RSD---- C:\WINDOWS\Fonts
2014-06-06 13:59:24 ----D---- C:\Program Files\OpenOffice 4
2014-06-06 12:03:25 ----D---- C:\Documents and Settings\Gabriel\Application Data\Dropbox
2014-06-06 10:02:12 ----D---- C:\Documents and Settings\Gabriel\Application Data\DropboxMaster
2014-06-04 10:57:51 ----D---- C:\Program Files\Common Files
2014-06-04 10:55:43 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Western Digital

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-06-26 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-06-26 192352]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2014-06-26 55112]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-06-26 779536]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-06-26 414392]
R1 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2014-06-26 57800]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Pivot;Pivot; C:\WINDOWS\System32\drivers\pivot.sys [2009-03-03 17465]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-06-26 24184]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-06-26 67824]
R2 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2012-06-03 5504]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2012-08-16 6810624]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2012-02-23 99856]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2006-01-12 163328]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 PdiPorts;Portrait Displays low level device driver; C:\WINDOWS\System32\Drivers\PdiPorts.sys [2009-07-15 17136]
R3 pivotmou;Pivot Mouse/Pointers Filter Driver; \??\C:\WINDOWS\system32\drivers\pivotmou.sys []
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-05-26 1177032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 anvsnddrv;AnvSoft Virtual Sound Device; C:\WINDOWS\system32\drivers\anvsnddrv.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2013-01-31 83168]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\WINDOWS\system32\drivers\sfng32.sys [2005-12-03 41728]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2013-01-31 181344]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2013-06-05 13464]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WinUSB;SAMSUNG Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2012-08-16 643072]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-06-26 50344]
R2 DTSRVC;Portrait Displays Display Tune Service; C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [2009-10-08 69632]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-05-07 182696]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2009-07-15 109168]
R2 STacSV;SigmaTel Audio Service; C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe [2006-05-26 86016]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2013-08-27 93072]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-18 262320]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#8 Příspěvek od **cernohous13** » 02 črc 2014 05:45

Stáhni OTM z jednoho odkazu a rozbal nejlépe na plochu.
http://oldtimer.geekstogo.com/OTM.exe
http://www.itxassociates.com/OT-Tools/OTM.exe

Spusť program „OTM.exe“
Do okna pod žlutou čáru vlož celý text zeleným písmem ze „Scriptu“

Klikni na červené „MoveIt!“

Při nabídce restartu „YES“
a log potom najdeš v C:\_OTM\MovedFiles\ - dej mi ho sem na kontrolu

Script OTM

Kód: Vybrat vše

:Commands
[emptytemp]
[emptyflash]
[emptyjava]
[clearallrestorepoints]

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1397242596.job
C:\WINDOWS\zoek-delete.exe
C:\zoek_backup
C:\AdwCleaner

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:Services
JavaQuickStarterService

Gabo · #9 Příspěvek od **Gabo** » 02 črc 2014 07:37

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: admin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: All Users.WINDOWS

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Gabriel
->Temp folder emptied: 456746 bytes
->Temporary Internet Files folder emptied: 520160 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 53908500 bytes
->Flash cache emptied: 2785 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 174 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 87720736 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 136,00 mb

[EMPTYFLASH]

User: admin
->Flash cache emptied: 0 bytes

User: Administrator

User: All Users

User: All Users.WINDOWS

User: Default User
->Flash cache emptied: 0 bytes

User: Default User.WINDOWS

User: Gabriel
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: LocalService.NT AUTHORITY

User: NetworkService

User: NetworkService.NT AUTHORITY

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: admin
->Java cache emptied: 0 bytes

User: Administrator

User: All Users

User: All Users.WINDOWS

User: Default User

User: Default User.WINDOWS

User: Gabriel

User: LocalService

User: LocalService.NT AUTHORITY

User: NetworkService

User: NetworkService.NT AUTHORITY

Total Java Files Cleaned = 0,00 mb

Restore point Set: OTM Restore Point
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP34D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP35D.tmp folder moved successfully.
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job moved successfully.
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job moved successfully.
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1397242596.job moved successfully.
C:\WINDOWS\zoek-delete.exe moved successfully.
C:\zoek_backup\C_found.000\dir0000.chk folder moved successfully.
C:\zoek_backup\C_found.000 folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1.WIN_APPLIC~1_Package Cache\{ED80B64B-FFAE-43D7-9E21-225F94221239}v2.0.1.2 folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1.WIN_APPLIC~1_Package Cache\{bfb9000e-e7d4-490f-a873-ec2c9cab3b3d} folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1.WIN_APPLIC~1_Package Cache\{124310E8-7C49-4C33-B4F2-3CF43F3830B7}v2.0.1.2 folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1.WIN_APPLIC~1_Package Cache\E15AD80FC74277EF2048312E9A71AF56B2EBA622\redist folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1.WIN_APPLIC~1_Package Cache\E15AD80FC74277EF2048312E9A71AF56B2EBA622 folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1.WIN_APPLIC~1_Package Cache\6E3495AD67A71BE70E25B88E4E8F0F4926AC40B4 folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1.WIN_APPLIC~1_Package Cache folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1.WIN_APPLIC~1_Apple\Installer Cache\AppleApplicationSupport 2.3.6 folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1.WIN_APPLIC~1_Apple\Installer Cache\AppleApplicationSupport 2.3.4 folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1.WIN_APPLIC~1_Apple\Installer Cache\Apple Software Update 2.1.3.127 folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1.WIN_APPLIC~1_Apple\Installer Cache folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1.WIN_APPLIC~1_Apple folder moved successfully.
C:\zoek_backup\C_Documents and Settings_Gabriel_Application Data_Zoner folder moved successfully.
C:\zoek_backup\C_Documents and Settings_Gabriel_Application Data_Mozilla_Extensions_speedtestanalysis@SpeedAnalysis.com\chrome\skin folder moved successfully.
C:\zoek_backup\C_Documents and Settings_Gabriel_Application Data_Mozilla_Extensions_speedtestanalysis@SpeedAnalysis.com\chrome\content\mz folder moved successfully.
C:\zoek_backup\C_Documents and Settings_Gabriel_Application Data_Mozilla_Extensions_speedtestanalysis@SpeedAnalysis.com\chrome\content folder moved successfully.
C:\zoek_backup\C_Documents and Settings_Gabriel_Application Data_Mozilla_Extensions_speedtestanalysis@SpeedAnalysis.com\chrome folder moved successfully.
C:\zoek_backup\C_Documents and Settings_Gabriel_Application Data_Mozilla_Extensions_speedtestanalysis@SpeedAnalysis.com folder moved successfully.
C:\zoek_backup folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\VNT folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager\systemk folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Settings Manager folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Gabriel\Local Settings\Application Data\VNT folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Gabriel\Local Settings\Application Data\Linkey\IEExtension folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Gabriel\Local Settings\Application Data\Linkey folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Gabriel\Local Settings\Application Data folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Gabriel\Local Settings folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Gabriel folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users.WINDOWS\Application Data\systemk folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users.WINDOWS\Application Data folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users.WINDOWS folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\Trymedia\data folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\Trymedia folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar\XML\TR folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar\XML\SK folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar\XML\RU folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar\XML\IT folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar\XML\HE folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar\XML\FR folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar\XML\ES folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar\XML\EN folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar\XML\DE folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar\XML\CZ folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar\XML\BG folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar\XML folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\ICQ folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings folder moved successfully.
C:\AdwCleaner\Quarantine\C folder moved successfully.
C:\AdwCleaner\Quarantine folder moved successfully.
C:\AdwCleaner folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!

OTM by OldTimer - Version 3.1.21.0 log created on 07022014_082846

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\_avast_\Webshlock.txt not found!

Registry entries deleted on Reboot...

Po restarte sa mi na ploche objavil tento subor Thumbs: http://i59.tinypic.com/2mwfcxi.jpg
Je to ok?

#10 Příspěvek od **cernohous13** » 02 črc 2014 08:35

Spusť opět OTM -> CleanUp! - odinstaluje a vyčistí po sobě.

Mohu doporučit kontrolu a vyčištění Ccleanerem

Stáhni Ccleaner - http://www.filehippo.com/download_ccleaner
Při instalaci vyhodit fajfku u nabízených toolbarů
Můžeš nastavit potřebný jazyk
zavřít Internetový prohlížeč a
spustit "Čistič" > "Spustit Ccleaner" - odstraní nepotřebné
spustit "Registry" > "Hledej problémy" > "Opravit vybrané problémy"
souhlas se zálohou registrů - opakovat dokud nebudou registry čisté.
spustit "Nástroje" > "Start" - tady můžeš zkusit deaktivovat procesy, které při spuštění nepotřebuješ (pokud by ti potom něco nechodilo, stejným způsobem je povolíš)

Návod:http://jnp.zive.cz/Clanky/Prirucka-do-k ... fault.aspx

Ten si můžeš nechat i na budoucí občasné čištění.

Po vyčištění by se hodila defragmentace
http://www.filehippo.com/download_defraggler

Po provedení mi napiš jak je na tom PC
pokud ta ikona na ploše nezmizí, tak ti napíšu jak na to

Gabo · #11 Příspěvek od **Gabo** » 02 črc 2014 10:19

Ten Adwcleaner a Zoek mozem zmazat? Tak OTM uz vycistilo, restartovalo, idem na ccleaner (ten pouzivam uz roky, je to super program

) a potom dam defraggler - aj ten pouzivam uz dobre dlho

Subor Thumbs uz zmizol

Gabo · #12 Příspěvek od **Gabo** » 02 črc 2014 13:16

Defragmentacia dokoncena, ale je to dobry vysledok?

Obrázek

#13 Příspěvek od **cernohous13** » 02 črc 2014 20:08

Dej znovu aktualizovať
Zobraziť súbory
zašktrtni "Názov súborov"
Defragmentovat zvýrazněné/označené
(nevím jak to máte ve slovenčině)

Gabo · #14 Příspěvek od **Gabo** » 03 črc 2014 19:36

Tak to som pouzil prvy krat

Pc je teraz o dost rychlejsi. Dakujem Cernohous13 za pomoc

#15 Příspěvek od **cernohous13** » 04 črc 2014 04:44

Nemáš zač - rádo se stalo a jsme tady i příště

VIRY.CZ

Kontrola logu

Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu