Log FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-02-2015 02
Ran by Master (administrator) on X on 12-02-2015 11:39:08
Running from C:\Documents and Settings\Master\Plocha
Loaded Profiles: Master (Available profiles: Master & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\Trell\Trell_kasa.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-24] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
HKU\S-1-5-21-1390067357-2147094087-725345543-1003\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833024 2014-06-16] (ZONER software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean.exe
CHR HKU\S-1-5-21-1390067357-2147094087-725345543-1003\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1390067357-2147094087-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1390067357-2147094087-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKU\S-1-5-21-1390067357-2147094087-725345543-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Master\Data aplikací\Mozilla\Firefox\Profiles\tuiyim33.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: https://www.google.com/?trackid=sp-006
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Documents and Settings\Master\Data aplikací\Mozilla\Firefox\Profiles\tuiyim33.default\searchplugins\google-avast.xml
FF Extension: 7Go - C:\Documents and Settings\Master\Data aplikací\Mozilla\Firefox\Profiles\tuiyim33.default\Extensions\7go@7go.com.xpi [2014-01-18]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-02]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-08-02]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR Profile: C:\Documents and Settings\Master\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Peněženka Google) - C:\Documents and Settings\Master\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-04]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Documents and Settings\Master\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-08-08]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-01]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-01] (AVAST Software)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-04-14] (Oracle Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-12-01] ()
R1 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [21576 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-12-01] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-12-01] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-12-01] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-12-01] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2014-12-01] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-12-01] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2014-12-01] ()
S0 cercsr6; C:\WINDOWS\system32\Drivers\cercsr6.sys [39904 2005-04-06] (Adaptec, Inc.) [File not signed]
S3 ALSysIO; \??\C:\DOCUME~1\Master\LOCALS~1\Temp\ALSysIO.sys [X]
S3 catchme; \??\C:\DOCUME~1\Master\LOCALS~1\Temp\catchme.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-12 11:39 - 2015-02-12 11:39 - 00010349 _____ () C:\Documents and Settings\Master\Plocha\FRST.txt
2015-02-12 11:38 - 2015-02-12 11:38 - 00000000 ____D () C:\Documents and Settings\Master\Plocha\FRST-OlderVersion
2015-02-11 11:11 - 2015-02-12 11:39 - 00000000 ____D () C:\Documents and Settings\Master\Local Settings\temp
2015-02-11 11:11 - 2015-02-11 11:11 - 00008817 _____ () C:\ComboFix.txt
2015-02-11 11:11 - 2015-02-11 11:11 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2015-02-11 11:11 - 2015-02-11 11:11 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2015-02-11 11:11 - 2015-02-11 11:11 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\temp
2015-02-10 19:14 - 2015-02-10 19:14 - 00074827 _____ () C:\Documents and Settings\Master\Plocha\Vinařství Veritas.cdr
2015-02-10 18:15 - 2015-02-10 18:15 - 00010240 _____ () C:\Documents and Settings\Master\Plocha\Štítek Německo.xls
2015-02-10 16:58 - 2015-02-10 16:59 - 00023040 _____ () C:\Documents and Settings\Master\Plocha\Štítek.xls
2015-02-09 12:08 - 2015-02-09 13:16 - 00000000 ____D () C:\Documents and Settings\Master\Plocha\cetelem
2015-02-04 10:31 - 2015-02-12 10:42 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-04 10:31 - 2015-02-12 09:03 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-02 13:46 - 2015-02-02 13:46 - 00018944 _____ () C:\Documents and Settings\Master\Plocha\4.čtvr.2014.xlt
2015-02-02 08:04 - 2015-02-02 08:39 - 00005807 _____ () C:\Documents and Settings\Master\Plocha\201401102112.txt
2015-02-02 08:02 - 2015-02-02 07:45 - 00014151 _____ () C:\Documents and Settings\Master\Plocha\201401102112
2015-01-20 13:15 - 2015-01-20 13:31 - 00000000 ____D () C:\Documents and Settings\Master\Data aplikací\MultiBit
2015-01-20 12:42 - 2015-01-20 12:42 - 00001451 _____ () C:\Documents and Settings\All Users\Plocha\MultiBit 0.5.18.lnk
2015-01-20 12:42 - 2015-01-20 12:42 - 00000000 ____D () C:\Program Files\MultiBit-0.5.18
2015-01-20 12:42 - 2015-01-20 12:42 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\MultiBit
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-12 11:39 - 2014-01-16 18:36 - 00000000 ____D () C:\FRST
2015-02-12 11:39 - 2011-12-30 20:00 - 00000000 ____D () C:\Documents and Settings\Master\Plocha
2015-02-12 11:38 - 2014-01-16 18:28 - 01125376 _____ (Farbar) C:\Documents and Settings\Master\Plocha\FRST.exe
2015-02-12 10:59 - 2013-03-22 10:01 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-12 10:24 - 2012-12-29 16:26 - 00000005 _____ () C:\Program Files\trl.trl
2015-02-12 10:24 - 2012-12-29 16:15 - 00000000 ____D () C:\Program Files\Trell
2015-02-12 10:24 - 2012-01-02 11:34 - 00000000 ____D () C:\Program Files\Ztrl
2015-02-12 09:05 - 2011-12-29 21:40 - 01710047 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-12 09:04 - 2012-07-10 16:12 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-02-12 09:04 - 2012-03-12 13:04 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-02-12 09:04 - 2012-03-12 13:04 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-02-12 09:04 - 2004-08-18 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2015-02-12 09:03 - 2011-12-29 21:46 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-11 15:06 - 2011-12-30 20:00 - 00000178 ___SH () C:\Documents and Settings\Master\ntuser.ini
2015-02-11 15:06 - 2011-12-30 20:00 - 00000000 ____D () C:\Documents and Settings\Master
2015-02-11 15:06 - 2011-12-29 21:46 - 00032520 _____ () C:\WINDOWS\SchedLgU.Txt
2015-02-11 11:11 - 2014-11-04 13:57 - 00000000 ____D () C:\Qoobox
2015-02-11 11:08 - 2004-08-18 13:00 - 00000227 _____ () C:\WINDOWS\system.ini
2015-02-11 10:56 - 2011-12-30 20:00 - 00000000 __RHD () C:\Documents and Settings\Master\Data aplikací
2015-02-11 10:52 - 2014-11-04 13:53 - 05611930 ____R (Swearware) C:\Documents and Settings\Master\Plocha\ComboFix.exe
2015-02-10 19:18 - 2014-08-14 18:11 - 00176474 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2015-02-09 13:59 - 2013-05-18 15:38 - 00000000 ____D () C:\Documents and Settings\Master\Plocha\večerka
2015-02-09 13:39 - 2011-12-30 20:02 - 00000000 ___RD () C:\Documents and Settings\Master\Dokumenty\Obrázky
2015-02-09 08:42 - 2011-12-30 20:00 - 00000000 ___HD () C:\Documents and Settings\Master\Local Settings\Data aplikací
2015-02-06 18:40 - 2012-01-02 13:58 - 00001813 _____ () C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2015-02-05 19:12 - 2014-08-14 18:11 - 00610624 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-1390067357-2147094087-725345543-1003-0.dat
2015-02-05 19:07 - 2011-12-30 20:00 - 00000000 ___RD () C:\Documents and Settings\Master\Dokumenty
2015-02-05 14:44 - 2014-08-14 10:10 - 00002535 _____ () C:\Documents and Settings\All Users\Plocha\CorelDRAW X6.lnk
2015-02-05 14:39 - 2013-06-01 15:53 - 00000000 ____D () C:\Program Files\ObjednavkyJIPPlus
2015-02-05 14:18 - 2014-09-25 09:23 - 00126628 _____ () C:\WINDOWS\setupapi.log
2015-02-05 12:59 - 2013-03-22 10:01 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-05 12:59 - 2012-01-02 14:38 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-01-27 12:19 - 2014-01-18 16:05 - 00000000 ____D () C:\Documents and Settings\Master\Plocha\vinotéka
2015-01-26 14:32 - 2012-05-19 15:34 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-20 12:42 - 2011-12-29 21:58 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-01-20 12:42 - 2011-12-29 21:58 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-01-20 09:12 - 2011-12-30 18:36 - 00000712 _____ () C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2015-01-20 09:12 - 2011-12-30 18:36 - 00000712 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
==================== Files in the root of some directories =======
2012-12-29 16:26 - 2015-02-12 10:24 - 0000005 _____ () C:\Program Files\trl.trl
2011-12-30 20:13 - 2014-01-02 14:49 - 0037376 _____ () C:\Documents and Settings\Master\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-16 18:36 - 2014-01-16 18:36 - 0029696 _____ () C:\Documents and Settings\Master\Local Settings\Data aplikací\MSGBOX.EXE
2014-07-02 13:04 - 2014-07-02 13:04 - 0001817 _____ () C:\Documents and Settings\Master\Local Settings\Data aplikací\recently-used.xbel
Some zero byte size files/folders:
==========================
C:\Windows\System32\SYSTEMMESSAGE0A.DLL
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu, PC se mi zdá pomalejší
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu, PC se mi zdá pomalejší
Zdravim 
Protoze jste pri spusteni ComboFixu souhlasil s podminkami uziti, jen se ujistim, ze jste osoba pro praci s nim vyskolena nebo Vam alespon osoba zkusena asistovala. Poprosim Vas o obsah logu z CF. CF mimochodem castecne smazal stopy po haveti, takze ted je log z RSIT/FRST krapet k nicemu.
Protoze jste pri spusteni ComboFixu souhlasil s podminkami uziti, jen se ujistim, ze jste osoba pro praci s nim vyskolena nebo Vam alespon osoba zkusena asistovala. Poprosim Vas o obsah logu z CF. CF mimochodem castecne smazal stopy po haveti, takze ted je log z RSIT/FRST krapet k nicemu.Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o kontrolu, PC se mi zdá pomalejší
Ne, bohužel jsem požádal známého, který asi půl hodiny něco dělal, ale bez úspěchu.
zde je log:
ComboFix 15-02-09.01 - Master 11.02.2015 10:56:37.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1595 [GMT 1:00]
Spuštěný z: c:\documents and settings\Master\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-01-11 do 2015-02-11 )))))))))))))))))))))))))))))))
.
.
2015-01-20 12:15 . 2015-01-20 12:31 -------- d-----w- c:\documents and settings\Master\Data aplikací\MultiBit
2015-01-20 11:42 . 2015-01-20 11:42 -------- d-----w- c:\program files\MultiBit-0.5.18
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-05 11:59 . 2013-03-22 09:01 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-02-05 11:59 . 2012-01-02 13:38 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-12-01 12:08 . 2012-01-02 12:56 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-12-01 12:08 . 2012-01-02 12:56 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-12-01 12:08 . 2014-05-06 10:36 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-12-01 12:08 . 2013-03-19 12:12 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-12-01 12:08 . 2013-03-19 12:12 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-12-01 12:08 . 2013-03-19 12:12 70384 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2014-12-01 12:08 . 2012-01-02 12:56 57928 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-12-01 12:08 . 2012-01-02 12:56 55240 ----a-w- c:\windows\system32\drivers\aswrdr.sys
2014-12-01 12:08 . 2014-12-01 12:08 291352 ----a-w- c:\windows\system32\aswBoot.exe
2014-12-01 12:08 . 2014-12-01 12:08 43152 ----a-w- c:\windows\avastSS.scr
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-12-01 12:07 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE" [2014-06-16 833024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-24 5227112]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2013-02-13 02:37 1263952 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2005-06-21 14:44 126976 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2012-03-13 13:45 127040 ----a-w- c:\program files\ICQ7.7\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2005-06-21 14:48 155648 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
2014-06-16 15:25 833024 ----a-w- c:\program files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.7\\ICQ.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Maxthon\\Bin\\MxUp.exe"=
"c:\\Program Files\\Maxthon\\Bin\\Maxthon.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [19.3.2013 13:12 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [19.3.2013 13:12 206248]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [19.3.2013 13:12 21576]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [2.1.2012 13:56 787800]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2.1.2012 13:56 423784]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [6.5.2014 11:36 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [19.3.2013 13:12 70384]
S3 ALSysIO;ALSysIO;\??\c:\docume~1\Master\LOCALS~1\Temp\ALSysIO.sys --> c:\docume~1\Master\LOCALS~1\Temp\ALSysIO.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-02-06 17:36 1086280 ----a-w- c:\program files\Google\Chrome\Application\40.0.2214.111\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-02-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-22 11:59]
.
2015-02-11 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-01 12:07]
.
2015-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-02 09:31]
.
2015-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-02 09:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = hxxp://get.adobe.com/flashplayer/completion/aih/?exitcode=0
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Master\Data aplikací\Mozilla\Firefox\Profiles\tuiyim33.default\
FF - prefs.js: browser.search.defaulturl - hxxps://www.google.com/search/?trackid=sp-006
FF - prefs.js: browser.search.selectedEngine - Google (avast)
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/?trackid=sp-006
FF - prefs.js: keyword.URL - hxxps://www.google.com/search/?trackid=sp-006
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-02-11 11:08
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(436)
c:\windows\system32\webcheck.dll
.
Celkový čas: 2015-02-11 11:11:19
ComboFix-quarantined-files.txt 2015-02-11 10:11
ComboFix2.txt 2014-11-04 13:14
.
Před spuštěním: 1 596 760 064
Po spuštění: 2 575 417 344
.
- - End Of File - - 9D3E8EC99C0C5271F5F680E4BB54C22A
413FC2A0C716421B3158746D63736515
zde je log:
ComboFix 15-02-09.01 - Master 11.02.2015 10:56:37.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1595 [GMT 1:00]
Spuštěný z: c:\documents and settings\Master\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-01-11 do 2015-02-11 )))))))))))))))))))))))))))))))
.
.
2015-01-20 12:15 . 2015-01-20 12:31 -------- d-----w- c:\documents and settings\Master\Data aplikací\MultiBit
2015-01-20 11:42 . 2015-01-20 11:42 -------- d-----w- c:\program files\MultiBit-0.5.18
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-05 11:59 . 2013-03-22 09:01 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-02-05 11:59 . 2012-01-02 13:38 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-12-01 12:08 . 2012-01-02 12:56 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-12-01 12:08 . 2012-01-02 12:56 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-12-01 12:08 . 2014-05-06 10:36 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-12-01 12:08 . 2013-03-19 12:12 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-12-01 12:08 . 2013-03-19 12:12 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-12-01 12:08 . 2013-03-19 12:12 70384 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2014-12-01 12:08 . 2012-01-02 12:56 57928 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-12-01 12:08 . 2012-01-02 12:56 55240 ----a-w- c:\windows\system32\drivers\aswrdr.sys
2014-12-01 12:08 . 2014-12-01 12:08 291352 ----a-w- c:\windows\system32\aswBoot.exe
2014-12-01 12:08 . 2014-12-01 12:08 43152 ----a-w- c:\windows\avastSS.scr
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-12-01 12:07 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE" [2014-06-16 833024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-24 5227112]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2013-02-13 02:37 1263952 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2005-06-21 14:44 126976 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2012-03-13 13:45 127040 ----a-w- c:\program files\ICQ7.7\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2005-06-21 14:48 155648 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
2014-06-16 15:25 833024 ----a-w- c:\program files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.7\\ICQ.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Maxthon\\Bin\\MxUp.exe"=
"c:\\Program Files\\Maxthon\\Bin\\Maxthon.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [19.3.2013 13:12 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [19.3.2013 13:12 206248]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [19.3.2013 13:12 21576]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [2.1.2012 13:56 787800]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2.1.2012 13:56 423784]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [6.5.2014 11:36 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [19.3.2013 13:12 70384]
S3 ALSysIO;ALSysIO;\??\c:\docume~1\Master\LOCALS~1\Temp\ALSysIO.sys --> c:\docume~1\Master\LOCALS~1\Temp\ALSysIO.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-02-06 17:36 1086280 ----a-w- c:\program files\Google\Chrome\Application\40.0.2214.111\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-02-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-22 11:59]
.
2015-02-11 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-01 12:07]
.
2015-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-02 09:31]
.
2015-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-02 09:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = hxxp://get.adobe.com/flashplayer/completion/aih/?exitcode=0
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Master\Data aplikací\Mozilla\Firefox\Profiles\tuiyim33.default\
FF - prefs.js: browser.search.defaulturl - hxxps://www.google.com/search/?trackid=sp-006
FF - prefs.js: browser.search.selectedEngine - Google (avast)
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/?trackid=sp-006
FF - prefs.js: keyword.URL - hxxps://www.google.com/search/?trackid=sp-006
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-02-11 11:08
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(436)
c:\windows\system32\webcheck.dll
.
Celkový čas: 2015-02-11 11:11:19
ComboFix-quarantined-files.txt 2015-02-11 10:11
ComboFix2.txt 2014-11-04 13:14
.
Před spuštěním: 1 596 760 064
Po spuštění: 2 575 417 344
.
- - End Of File - - 9D3E8EC99C0C5271F5F680E4BB54C22A
413FC2A0C716421B3158746D63736515
Re: Prosím o kontrolu, PC se mi zdá pomalejší
Ulozte na plochu ComboFix.exe - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Otevrete Poznamkovy blok (Start -> Spustit -> notepad)
- zkopirujte do nej skript nize a ulozte na plochu jako CFScript (Typ souboru: Textovy dokument)
Kód: Vybrat vše
KillAll:: Registry:: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Zoner Photo Studio Autoupdate"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate] Firefox:: FF - ProfilePath - c:\documents and settings\Master\Data aplikací\Mozilla\Firefox\Profiles\tuiyim33.default\ FF - prefs.js: browser.search.defaulturl - hxxps://www.google.com/search/?trackid=sp-006 FF - prefs.js: browser.search.selectedEngine - Google (avast) FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/?trackid=sp-006 FF - prefs.js: keyword.URL - hxxps://www.google.com/search/?trackid=sp-006 File:: c:\windows\Tasks\GoogleUpdateTaskMachineCore.job c:\windows\Tasks\GoogleUpdateTaskMachineUA.job RegLock:: [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] ClearJavaCache:: Reboot:: - Tento CFScript.txt chytte, doslova pretahnete nad ikonu ComboFixu a pustte.
- Po restartu na Vas vyskoci log, jehoz obsah mi vlozte do dalsi odpovedi.
Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit Muze se stat, ze po aplikaci skriptu nenabehnou Windows. V tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraciPokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o kontrolu, PC se mi zdá pomalejší
ComboFix 15-02-09.01 - Master 12.02.2015 16:49:23.4.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1247 [GMT 1:00]
Spuštěný z: c:\documents and settings\Master\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Master\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-01-12 do 2015-02-12 )))))))))))))))))))))))))))))))
.
.
2015-01-20 12:15 . 2015-01-20 12:31 -------- d-----w- c:\documents and settings\Master\Data aplikací\MultiBit
2015-01-20 11:42 . 2015-01-20 11:42 -------- d-----w- c:\program files\MultiBit-0.5.18
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-05 11:59 . 2013-03-22 09:01 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-02-05 11:59 . 2012-01-02 13:38 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-12-01 12:08 . 2012-01-02 12:56 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-12-01 12:08 . 2012-01-02 12:56 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-12-01 12:08 . 2014-05-06 10:36 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-12-01 12:08 . 2013-03-19 12:12 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-12-01 12:08 . 2013-03-19 12:12 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-12-01 12:08 . 2013-03-19 12:12 70384 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2014-12-01 12:08 . 2012-01-02 12:56 57928 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-12-01 12:08 . 2012-01-02 12:56 55240 ----a-w- c:\windows\system32\drivers\aswrdr.sys
2014-12-01 12:08 . 2014-12-01 12:08 291352 ----a-w- c:\windows\system32\aswBoot.exe
2014-12-01 12:08 . 2014-12-01 12:08 43152 ----a-w- c:\windows\avastSS.scr
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-12-01 12:07 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-24 5227112]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2005-06-21 14:44 126976 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2012-03-13 13:45 127040 ----a-w- c:\program files\ICQ7.7\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2005-06-21 14:48 155648 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.7\\ICQ.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Maxthon\\Bin\\MxUp.exe"=
"c:\\Program Files\\Maxthon\\Bin\\Maxthon.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [19.3.2013 13:12 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [19.3.2013 13:12 206248]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [19.3.2013 13:12 21576]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [2.1.2012 13:56 787800]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2.1.2012 13:56 423784]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [6.5.2014 11:36 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [19.3.2013 13:12 70384]
S3 ALSysIO;ALSysIO;\??\c:\docume~1\Master\LOCALS~1\Temp\ALSysIO.sys --> c:\docume~1\Master\LOCALS~1\Temp\ALSysIO.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-02-06 17:36 1086280 ----a-w- c:\program files\Google\Chrome\Application\40.0.2214.111\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-02-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-22 11:59]
.
2015-02-12 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-01 12:07]
.
2015-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-02 09:31]
.
2015-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-02 09:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = hxxp://get.adobe.com/flashplayer/completion/aih/?exitcode=0
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Master\Data aplikací\Mozilla\Firefox\Profiles\tuiyim33.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-02-12 17:05
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1384)
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\system32\msiexec.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2015-02-12 17:10:17 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-02-12 16:10
ComboFix2.txt 2015-02-11 10:11
.
Před spuštěním: 2 144 186 368
Po spuštění: 2 339 942 400
.
- - End Of File - - 861E224F9F932E31B589F9C06D078C1E
413FC2A0C716421B3158746D63736515
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1247 [GMT 1:00]
Spuštěný z: c:\documents and settings\Master\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Master\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-01-12 do 2015-02-12 )))))))))))))))))))))))))))))))
.
.
2015-01-20 12:15 . 2015-01-20 12:31 -------- d-----w- c:\documents and settings\Master\Data aplikací\MultiBit
2015-01-20 11:42 . 2015-01-20 11:42 -------- d-----w- c:\program files\MultiBit-0.5.18
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-05 11:59 . 2013-03-22 09:01 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-02-05 11:59 . 2012-01-02 13:38 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-12-01 12:08 . 2012-01-02 12:56 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-12-01 12:08 . 2012-01-02 12:56 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-12-01 12:08 . 2014-05-06 10:36 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-12-01 12:08 . 2013-03-19 12:12 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-12-01 12:08 . 2013-03-19 12:12 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-12-01 12:08 . 2013-03-19 12:12 70384 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2014-12-01 12:08 . 2012-01-02 12:56 57928 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-12-01 12:08 . 2012-01-02 12:56 55240 ----a-w- c:\windows\system32\drivers\aswrdr.sys
2014-12-01 12:08 . 2014-12-01 12:08 291352 ----a-w- c:\windows\system32\aswBoot.exe
2014-12-01 12:08 . 2014-12-01 12:08 43152 ----a-w- c:\windows\avastSS.scr
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-12-01 12:07 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-24 5227112]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2005-06-21 14:44 126976 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2012-03-13 13:45 127040 ----a-w- c:\program files\ICQ7.7\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2005-06-21 14:48 155648 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.7\\ICQ.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Maxthon\\Bin\\MxUp.exe"=
"c:\\Program Files\\Maxthon\\Bin\\Maxthon.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [19.3.2013 13:12 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [19.3.2013 13:12 206248]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [19.3.2013 13:12 21576]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [2.1.2012 13:56 787800]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2.1.2012 13:56 423784]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [6.5.2014 11:36 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [19.3.2013 13:12 70384]
S3 ALSysIO;ALSysIO;\??\c:\docume~1\Master\LOCALS~1\Temp\ALSysIO.sys --> c:\docume~1\Master\LOCALS~1\Temp\ALSysIO.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-02-06 17:36 1086280 ----a-w- c:\program files\Google\Chrome\Application\40.0.2214.111\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-02-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-22 11:59]
.
2015-02-12 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-01 12:07]
.
2015-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-02 09:31]
.
2015-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-02 09:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = hxxp://get.adobe.com/flashplayer/completion/aih/?exitcode=0
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Master\Data aplikací\Mozilla\Firefox\Profiles\tuiyim33.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-02-12 17:05
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1384)
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\system32\msiexec.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2015-02-12 17:10:17 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-02-12 16:10
ComboFix2.txt 2015-02-11 10:11
.
Před spuštěním: 2 144 186 368
Po spuštění: 2 339 942 400
.
- - End Of File - - 861E224F9F932E31B589F9C06D078C1E
413FC2A0C716421B3158746D63736515
Re: Prosím o kontrolu, PC se mi zdá pomalejší
Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
- ukoncete vsechny programy
- kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
- kliknete na Scan, pote na Clean
- po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o kontrolu, PC se mi zdá pomalejší
# AdwCleaner v4.110 - Logfile created 12/02/2015 at 17:47:36
# Updated 05/02/2015 by Xplode
# Database : 2015-02-09.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Master - X
# Running from : C:\Documents and Settings\Master\Plocha\AdwCleaner.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
Folder Deleted : C:\Documents and Settings\Master\Data aplikací\7go
Folder Deleted : C:\Documents and Settings\Master\Data aplikací\PerformerSoft
Folder Deleted : C:\Documents and Settings\Master\Data aplikací\Systweak
File Deleted : C:\Documents and Settings\Master\Data aplikací\Mozilla\Firefox\Profiles\tuiyim33.default\Extensions\7go@7go.com.xpi
File Deleted : C:\WINDOWS\system32\roboot.exe
File Deleted : C:\Documents and Settings\Master\Plocha\Live PC Help.lnk
File Deleted : C:\Documents and Settings\Master\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Documents and Settings\All Users\Nabídka Start\Programy\Příslušenství\Systémové nástroje\Naplánované úlohy.lnk
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\usyndication.com
Key Deleted : HKCU\Software\USyndication
Key Deleted : HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
***** [ Web browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v33.1.1 (x86 cs)
-\\ Google Chrome v40.0.2214.111
*************************
AdwCleaner[R0].txt - [3211 bytes] - [12/02/2015 17:41:47]
AdwCleaner[S0].txt - [3334 bytes] - [12/02/2015 17:47:36]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3393 bytes] ##########
# Updated 05/02/2015 by Xplode
# Database : 2015-02-09.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Master - X
# Running from : C:\Documents and Settings\Master\Plocha\AdwCleaner.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
Folder Deleted : C:\Documents and Settings\Master\Data aplikací\7go
Folder Deleted : C:\Documents and Settings\Master\Data aplikací\PerformerSoft
Folder Deleted : C:\Documents and Settings\Master\Data aplikací\Systweak
File Deleted : C:\Documents and Settings\Master\Data aplikací\Mozilla\Firefox\Profiles\tuiyim33.default\Extensions\7go@7go.com.xpi
File Deleted : C:\WINDOWS\system32\roboot.exe
File Deleted : C:\Documents and Settings\Master\Plocha\Live PC Help.lnk
File Deleted : C:\Documents and Settings\Master\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Documents and Settings\All Users\Nabídka Start\Programy\Příslušenství\Systémové nástroje\Naplánované úlohy.lnk
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\usyndication.com
Key Deleted : HKCU\Software\USyndication
Key Deleted : HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
***** [ Web browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v33.1.1 (x86 cs)
-\\ Google Chrome v40.0.2214.111
*************************
AdwCleaner[R0].txt - [3211 bytes] - [12/02/2015 17:41:47]
AdwCleaner[S0].txt - [3334 bytes] - [12/02/2015 17:47:36]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3393 bytes] ##########
Re: Prosím o kontrolu, PC se mi zdá pomalejší
Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o kontrolu, PC se mi zdá pomalejší
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-02-2015 02
Ran by Master (administrator) on X on 12-02-2015 18:29:59
Running from C:\Documents and Settings\Master\Plocha
Loaded Profiles: Master (Available profiles: Master & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-24] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean.exe
CHR HKU\S-1-5-21-1390067357-2147094087-725345543-1003\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1390067357-2147094087-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1390067357-2147094087-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKU\S-1-5-21-1390067357-2147094087-725345543-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Master\Data aplikací\Mozilla\Firefox\Profiles\tuiyim33.default
FF DefaultSearchEngine: Google (avast)
FF SearchEngineOrder.1: Google (avast)
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Documents and Settings\Master\Data aplikací\Mozilla\Firefox\Profiles\tuiyim33.default\searchplugins\google-avast.xml
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-02]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-08-02]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR Profile: C:\Documents and Settings\Master\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Peněženka Google) - C:\Documents and Settings\Master\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-04]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Documents and Settings\Master\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-08-08]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-01]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-01] (AVAST Software)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-04-14] (Oracle Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-12-01] ()
R1 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [21576 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-12-01] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-12-01] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-12-01] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-12-01] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2014-12-01] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-12-01] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2014-12-01] ()
S0 cercsr6; C:\WINDOWS\system32\Drivers\cercsr6.sys [39904 2005-04-06] (Adaptec, Inc.) [File not signed]
S3 ALSysIO; \??\C:\DOCUME~1\Master\LOCALS~1\Temp\ALSysIO.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-12 17:41 - 2015-02-12 17:47 - 00000000 ____D () C:\AdwCleaner
2015-02-12 17:40 - 2015-02-12 17:40 - 02112512 _____ () C:\Documents and Settings\Master\Plocha\AdwCleaner.exe
2015-02-12 17:10 - 2015-02-12 18:30 - 00000000 ____D () C:\Documents and Settings\Master\Local Settings\temp
2015-02-12 17:10 - 2015-02-12 17:10 - 00007336 _____ () C:\ComboFix.txt
2015-02-12 17:10 - 2015-02-12 17:10 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2015-02-12 17:10 - 2015-02-12 17:10 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2015-02-12 17:10 - 2015-02-12 17:10 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\temp
2015-02-12 11:39 - 2015-02-12 18:30 - 00009174 _____ () C:\Documents and Settings\Master\Plocha\FRST.txt
2015-02-12 11:38 - 2015-02-12 11:38 - 00000000 ____D () C:\Documents and Settings\Master\Plocha\FRST-OlderVersion
2015-02-10 19:14 - 2015-02-10 19:14 - 00074827 _____ () C:\Documents and Settings\Master\Plocha\Vinařství Veritas.cdr
2015-02-10 18:15 - 2015-02-10 18:15 - 00010240 _____ () C:\Documents and Settings\Master\Plocha\Štítek Německo.xls
2015-02-10 16:58 - 2015-02-10 16:59 - 00023040 _____ () C:\Documents and Settings\Master\Plocha\Štítek.xls
2015-02-09 12:08 - 2015-02-09 13:16 - 00000000 ____D () C:\Documents and Settings\Master\Plocha\cetelem
2015-02-04 10:31 - 2015-02-12 17:47 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-04 10:31 - 2015-02-12 17:42 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-02 13:46 - 2015-02-02 13:46 - 00018944 _____ () C:\Documents and Settings\Master\Plocha\4.čtvr.2014.xlt
2015-02-02 08:04 - 2015-02-02 08:39 - 00005807 _____ () C:\Documents and Settings\Master\Plocha\201401102112.txt
2015-02-02 08:02 - 2015-02-02 07:45 - 00014151 _____ () C:\Documents and Settings\Master\Plocha\201401102112
2015-01-20 13:15 - 2015-01-20 13:31 - 00000000 ____D () C:\Documents and Settings\Master\Data aplikací\MultiBit
2015-01-20 12:42 - 2015-01-20 12:42 - 00001451 _____ () C:\Documents and Settings\All Users\Plocha\MultiBit 0.5.18.lnk
2015-01-20 12:42 - 2015-01-20 12:42 - 00000000 ____D () C:\Program Files\MultiBit-0.5.18
2015-01-20 12:42 - 2015-01-20 12:42 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\MultiBit
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-12 18:30 - 2014-01-16 18:36 - 00000000 ____D () C:\FRST
2015-02-12 18:29 - 2014-01-16 18:37 - 00028048 _____ () C:\Documents and Settings\Master\Plocha\Addition.txt
2015-02-12 18:29 - 2011-12-30 20:00 - 00000000 ____D () C:\Documents and Settings\Master\Plocha
2015-02-12 17:59 - 2013-03-22 10:01 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-12 17:48 - 2012-07-10 16:12 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-02-12 17:48 - 2012-03-12 13:04 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-02-12 17:48 - 2012-03-12 13:04 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-02-12 17:48 - 2011-12-30 20:00 - 00000178 ___SH () C:\Documents and Settings\Master\ntuser.ini
2015-02-12 17:48 - 2011-12-29 21:46 - 00032520 _____ () C:\WINDOWS\SchedLgU.Txt
2015-02-12 17:48 - 2011-12-29 21:40 - 01716407 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-12 17:48 - 2004-08-18 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2015-02-12 17:47 - 2011-12-30 20:00 - 00000000 __RHD () C:\Documents and Settings\Master\Data aplikací
2015-02-12 17:47 - 2011-12-29 21:58 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-02-12 17:47 - 2011-12-29 21:46 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-12 17:10 - 2014-11-04 13:57 - 00000000 ____D () C:\Qoobox
2015-02-12 17:04 - 2004-08-18 13:00 - 00000227 _____ () C:\WINDOWS\system.ini
2015-02-12 16:42 - 2014-11-04 13:53 - 05611930 ____R (Swearware) C:\Documents and Settings\Master\Plocha\ComboFix.exe
2015-02-12 16:42 - 2012-12-29 16:26 - 00000005 _____ () C:\Program Files\trl.trl
2015-02-12 16:42 - 2012-12-29 16:15 - 00000000 ____D () C:\Program Files\Trell
2015-02-12 16:42 - 2012-01-02 11:34 - 00000000 ____D () C:\Program Files\Ztrl
2015-02-12 11:38 - 2014-01-16 18:28 - 01125376 _____ (Farbar) C:\Documents and Settings\Master\Plocha\FRST.exe
2015-02-11 15:06 - 2011-12-30 20:00 - 00000000 ____D () C:\Documents and Settings\Master
2015-02-10 19:18 - 2014-08-14 18:11 - 00176474 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2015-02-09 13:59 - 2013-05-18 15:38 - 00000000 ____D () C:\Documents and Settings\Master\Plocha\večerka
2015-02-09 13:39 - 2011-12-30 20:02 - 00000000 ___RD () C:\Documents and Settings\Master\Dokumenty\Obrázky
2015-02-09 08:42 - 2011-12-30 20:00 - 00000000 ___HD () C:\Documents and Settings\Master\Local Settings\Data aplikací
2015-02-06 18:40 - 2012-01-02 13:58 - 00001813 _____ () C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2015-02-05 19:12 - 2014-08-14 18:11 - 00610624 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-1390067357-2147094087-725345543-1003-0.dat
2015-02-05 19:07 - 2011-12-30 20:00 - 00000000 ___RD () C:\Documents and Settings\Master\Dokumenty
2015-02-05 14:44 - 2014-08-14 10:10 - 00002535 _____ () C:\Documents and Settings\All Users\Plocha\CorelDRAW X6.lnk
2015-02-05 14:39 - 2013-06-01 15:53 - 00000000 ____D () C:\Program Files\ObjednavkyJIPPlus
2015-02-05 14:18 - 2014-09-25 09:23 - 00126628 _____ () C:\WINDOWS\setupapi.log
2015-02-05 12:59 - 2013-03-22 10:01 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-05 12:59 - 2012-01-02 14:38 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-01-27 12:19 - 2014-01-18 16:05 - 00000000 ____D () C:\Documents and Settings\Master\Plocha\vinotéka
2015-01-26 14:32 - 2012-05-19 15:34 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-20 12:42 - 2011-12-29 21:58 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-01-20 12:42 - 2011-12-29 21:58 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-01-20 09:12 - 2011-12-30 18:36 - 00000712 _____ () C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2015-01-20 09:12 - 2011-12-30 18:36 - 00000712 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
==================== Files in the root of some directories =======
2012-12-29 16:26 - 2015-02-12 16:42 - 0000005 _____ () C:\Program Files\trl.trl
2011-12-30 20:13 - 2014-01-02 14:49 - 0037376 _____ () C:\Documents and Settings\Master\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-16 18:36 - 2014-01-16 18:36 - 0029696 _____ () C:\Documents and Settings\Master\Local Settings\Data aplikací\MSGBOX.EXE
2014-07-02 13:04 - 2014-07-02 13:04 - 0001817 _____ () C:\Documents and Settings\Master\Local Settings\Data aplikací\recently-used.xbel
Some content of TEMP:
====================
C:\Documents and Settings\Master\Local Settings\temp\Quarantine.exe
C:\Documents and Settings\Master\Local Settings\temp\sqlite3.dll
Some zero byte size files/folders:
==========================
C:\Windows\System32\SYSTEMMESSAGE0A.DLL
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Ran by Master (administrator) on X on 12-02-2015 18:29:59
Running from C:\Documents and Settings\Master\Plocha
Loaded Profiles: Master (Available profiles: Master & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-24] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean.exe
CHR HKU\S-1-5-21-1390067357-2147094087-725345543-1003\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1390067357-2147094087-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1390067357-2147094087-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKU\S-1-5-21-1390067357-2147094087-725345543-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Master\Data aplikací\Mozilla\Firefox\Profiles\tuiyim33.default
FF DefaultSearchEngine: Google (avast)
FF SearchEngineOrder.1: Google (avast)
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Documents and Settings\Master\Data aplikací\Mozilla\Firefox\Profiles\tuiyim33.default\searchplugins\google-avast.xml
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-02]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-08-02]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR Profile: C:\Documents and Settings\Master\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Peněženka Google) - C:\Documents and Settings\Master\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-04]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Documents and Settings\Master\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-08-08]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-01]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-01] (AVAST Software)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-04-14] (Oracle Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-12-01] ()
R1 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [21576 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-12-01] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-12-01] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-12-01] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-12-01] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2014-12-01] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-12-01] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2014-12-01] ()
S0 cercsr6; C:\WINDOWS\system32\Drivers\cercsr6.sys [39904 2005-04-06] (Adaptec, Inc.) [File not signed]
S3 ALSysIO; \??\C:\DOCUME~1\Master\LOCALS~1\Temp\ALSysIO.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-12 17:41 - 2015-02-12 17:47 - 00000000 ____D () C:\AdwCleaner
2015-02-12 17:40 - 2015-02-12 17:40 - 02112512 _____ () C:\Documents and Settings\Master\Plocha\AdwCleaner.exe
2015-02-12 17:10 - 2015-02-12 18:30 - 00000000 ____D () C:\Documents and Settings\Master\Local Settings\temp
2015-02-12 17:10 - 2015-02-12 17:10 - 00007336 _____ () C:\ComboFix.txt
2015-02-12 17:10 - 2015-02-12 17:10 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2015-02-12 17:10 - 2015-02-12 17:10 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2015-02-12 17:10 - 2015-02-12 17:10 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\temp
2015-02-12 11:39 - 2015-02-12 18:30 - 00009174 _____ () C:\Documents and Settings\Master\Plocha\FRST.txt
2015-02-12 11:38 - 2015-02-12 11:38 - 00000000 ____D () C:\Documents and Settings\Master\Plocha\FRST-OlderVersion
2015-02-10 19:14 - 2015-02-10 19:14 - 00074827 _____ () C:\Documents and Settings\Master\Plocha\Vinařství Veritas.cdr
2015-02-10 18:15 - 2015-02-10 18:15 - 00010240 _____ () C:\Documents and Settings\Master\Plocha\Štítek Německo.xls
2015-02-10 16:58 - 2015-02-10 16:59 - 00023040 _____ () C:\Documents and Settings\Master\Plocha\Štítek.xls
2015-02-09 12:08 - 2015-02-09 13:16 - 00000000 ____D () C:\Documents and Settings\Master\Plocha\cetelem
2015-02-04 10:31 - 2015-02-12 17:47 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-04 10:31 - 2015-02-12 17:42 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-02 13:46 - 2015-02-02 13:46 - 00018944 _____ () C:\Documents and Settings\Master\Plocha\4.čtvr.2014.xlt
2015-02-02 08:04 - 2015-02-02 08:39 - 00005807 _____ () C:\Documents and Settings\Master\Plocha\201401102112.txt
2015-02-02 08:02 - 2015-02-02 07:45 - 00014151 _____ () C:\Documents and Settings\Master\Plocha\201401102112
2015-01-20 13:15 - 2015-01-20 13:31 - 00000000 ____D () C:\Documents and Settings\Master\Data aplikací\MultiBit
2015-01-20 12:42 - 2015-01-20 12:42 - 00001451 _____ () C:\Documents and Settings\All Users\Plocha\MultiBit 0.5.18.lnk
2015-01-20 12:42 - 2015-01-20 12:42 - 00000000 ____D () C:\Program Files\MultiBit-0.5.18
2015-01-20 12:42 - 2015-01-20 12:42 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\MultiBit
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-12 18:30 - 2014-01-16 18:36 - 00000000 ____D () C:\FRST
2015-02-12 18:29 - 2014-01-16 18:37 - 00028048 _____ () C:\Documents and Settings\Master\Plocha\Addition.txt
2015-02-12 18:29 - 2011-12-30 20:00 - 00000000 ____D () C:\Documents and Settings\Master\Plocha
2015-02-12 17:59 - 2013-03-22 10:01 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-12 17:48 - 2012-07-10 16:12 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-02-12 17:48 - 2012-03-12 13:04 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-02-12 17:48 - 2012-03-12 13:04 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-02-12 17:48 - 2011-12-30 20:00 - 00000178 ___SH () C:\Documents and Settings\Master\ntuser.ini
2015-02-12 17:48 - 2011-12-29 21:46 - 00032520 _____ () C:\WINDOWS\SchedLgU.Txt
2015-02-12 17:48 - 2011-12-29 21:40 - 01716407 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-12 17:48 - 2004-08-18 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2015-02-12 17:47 - 2011-12-30 20:00 - 00000000 __RHD () C:\Documents and Settings\Master\Data aplikací
2015-02-12 17:47 - 2011-12-29 21:58 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-02-12 17:47 - 2011-12-29 21:46 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-12 17:10 - 2014-11-04 13:57 - 00000000 ____D () C:\Qoobox
2015-02-12 17:04 - 2004-08-18 13:00 - 00000227 _____ () C:\WINDOWS\system.ini
2015-02-12 16:42 - 2014-11-04 13:53 - 05611930 ____R (Swearware) C:\Documents and Settings\Master\Plocha\ComboFix.exe
2015-02-12 16:42 - 2012-12-29 16:26 - 00000005 _____ () C:\Program Files\trl.trl
2015-02-12 16:42 - 2012-12-29 16:15 - 00000000 ____D () C:\Program Files\Trell
2015-02-12 16:42 - 2012-01-02 11:34 - 00000000 ____D () C:\Program Files\Ztrl
2015-02-12 11:38 - 2014-01-16 18:28 - 01125376 _____ (Farbar) C:\Documents and Settings\Master\Plocha\FRST.exe
2015-02-11 15:06 - 2011-12-30 20:00 - 00000000 ____D () C:\Documents and Settings\Master
2015-02-10 19:18 - 2014-08-14 18:11 - 00176474 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2015-02-09 13:59 - 2013-05-18 15:38 - 00000000 ____D () C:\Documents and Settings\Master\Plocha\večerka
2015-02-09 13:39 - 2011-12-30 20:02 - 00000000 ___RD () C:\Documents and Settings\Master\Dokumenty\Obrázky
2015-02-09 08:42 - 2011-12-30 20:00 - 00000000 ___HD () C:\Documents and Settings\Master\Local Settings\Data aplikací
2015-02-06 18:40 - 2012-01-02 13:58 - 00001813 _____ () C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2015-02-05 19:12 - 2014-08-14 18:11 - 00610624 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-1390067357-2147094087-725345543-1003-0.dat
2015-02-05 19:07 - 2011-12-30 20:00 - 00000000 ___RD () C:\Documents and Settings\Master\Dokumenty
2015-02-05 14:44 - 2014-08-14 10:10 - 00002535 _____ () C:\Documents and Settings\All Users\Plocha\CorelDRAW X6.lnk
2015-02-05 14:39 - 2013-06-01 15:53 - 00000000 ____D () C:\Program Files\ObjednavkyJIPPlus
2015-02-05 14:18 - 2014-09-25 09:23 - 00126628 _____ () C:\WINDOWS\setupapi.log
2015-02-05 12:59 - 2013-03-22 10:01 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-05 12:59 - 2012-01-02 14:38 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-01-27 12:19 - 2014-01-18 16:05 - 00000000 ____D () C:\Documents and Settings\Master\Plocha\vinotéka
2015-01-26 14:32 - 2012-05-19 15:34 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-20 12:42 - 2011-12-29 21:58 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-01-20 12:42 - 2011-12-29 21:58 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-01-20 09:12 - 2011-12-30 18:36 - 00000712 _____ () C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2015-01-20 09:12 - 2011-12-30 18:36 - 00000712 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
==================== Files in the root of some directories =======
2012-12-29 16:26 - 2015-02-12 16:42 - 0000005 _____ () C:\Program Files\trl.trl
2011-12-30 20:13 - 2014-01-02 14:49 - 0037376 _____ () C:\Documents and Settings\Master\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-16 18:36 - 2014-01-16 18:36 - 0029696 _____ () C:\Documents and Settings\Master\Local Settings\Data aplikací\MSGBOX.EXE
2014-07-02 13:04 - 2014-07-02 13:04 - 0001817 _____ () C:\Documents and Settings\Master\Local Settings\Data aplikací\recently-used.xbel
Some content of TEMP:
====================
C:\Documents and Settings\Master\Local Settings\temp\Quarantine.exe
C:\Documents and Settings\Master\Local Settings\temp\sqlite3.dll
Some zero byte size files/folders:
==========================
C:\Windows\System32\SYSTEMMESSAGE0A.DLL
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
- Přílohy
-
- Addition.rar
- (5.6 KiB) Staženo 53 x
Re: Prosím o kontrolu, PC se mi zdá pomalejší
- Stahnete Crystal Disk Info (CDI) http://sourceforge.jp/frs/redir.php?m=j ... o6_2_2.zip
- archiv extrahujte a spustte vyextrahovany soubor DiskInfo.exe
- ve spustenem programu kliknete nahore na Upravy -> Kopirovat (log mate nyni zkopirovany ve schrance)
- log vlozte do dalsi odpovedi (Ctrl + V)
- Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
- ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
- znovu spustte FRST a kliknete na Fix
- po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi
Kód: Vybrat vše
Start CloseProcesses: BootExecute: autocheck autochk * sdnclean.exe CHR HKU\S-1-5-21-1390067357-2147094087-725345543-1003\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1390067357-2147094087-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll No File BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File S3 ALSysIO; \??\C:\DOCUME~1\Master\LOCALS~1\Temp\ALSysIO.sys [X] 2015-02-12 17:41 - 2015-02-12 17:47 - 00000000 ____D () C:\AdwCleaner 2015-02-12 17:40 - 2015-02-12 17:40 - 02112512 _____ () C:\Documents and Settings\Master\Plocha\AdwCleaner.exe 2015-02-12 11:38 - 2015-02-12 11:38 - 00000000 ____D () C:\Documents and Settings\Master\Plocha\FRST-OlderVersion Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe CMD: dir "C:\PROGRA~1" CMD: dir "%localappdata%" CMD: dir "%appdata%" Hosts: EmptyTemp: End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o kontrolu, PC se mi zdá pomalejší
----------------------------------------------------------------------------
CrystalDiskInfo 6.2.2 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2015/02/13 14:29:33
-- Controller Map ----------------------------------------------------------
+ Intel(R) 82801DB Ultra ATA Storage Controller - 24CB [ATA]
+ Primární kanál IDE (0)
- WDC WD400BB-23JHC0
+ Sekundární kanál IDE (1)
- TOSHIBA ODD-DVD SD-M1802
-- Disk List ---------------------------------------------------------------
(1) WDC WD400BB-23JHC0 : 40,0 GB [0/0/0, pd1] - wd
----------------------------------------------------------------------------
(1) WDC WD400BB-23JHC0
----------------------------------------------------------------------------
Model : WDC WD400BB-23JHC0
Firmware : 06.01C06
Serial Number : WD-WMAMC5396346
Disk Size : 40,0 GB (8,4/40,0/----/40,0)
Buffer Size : 2048 KB
Queue Depth : 1
# of Sectors : 78156288
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-6
Minor Version : ----
Transfer Mode : PIO/DMA | UDMA/100
Power On Hours : 27107 hod.
Power On Count : 2423 krát
Temperature : 29 C (84 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM
APM Level : ----
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 165 155 _21 000000000A94 Čas na roztočení ploten
04 _92 _92 __0 00000000231B Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _63 _63 __0 0000000069E3 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000977 Počet cyklů zapnutí zařízení
C2 114 _78 __0 00000000001D Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 _73 __0 00000003A475 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 574D 414D 4335 3339 3633 3436
020: 0000 1000 0042 3036 2E30 3143 3036 5744 4320 5744
030: 3430 3042 422D 3233 4A48 4330 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: 9200 04A8 0000 0407 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
080: 007E 0000 346B 5B01 4003 3469 1801 4003 003F 0000
090: 0000 0000 FFFE 600B 80FE 0000 0000 0000 0000 0000
100: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 0000
130: 0000 0000 0000 1253 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 67A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0F 00 C8 C8 00 00 00 00 00 00 00 03 03
010: 00 A5 9B 94 0A 00 00 00 00 00 04 32 00 5C 5C 1B
020: 23 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 0F 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 3F 3F E3 69 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0B 12 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 77 09 00 00 00 00 00 C2 22
070: 00 72 4E 1D 00 00 00 00 00 00 C4 32 00 C8 C8 00
080: 00 00 00 00 00 00 C5 12 00 C8 C8 00 00 00 00 00
090: 00 00 C6 10 00 C8 C8 00 00 00 00 00 00 00 C7 3E
0A0: 00 C8 49 75 A4 03 00 00 00 00 C8 09 00 C8 C8 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 B0 04 01 7B
170: 03 00 01 00 02 16 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 01 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 00 00 00 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 33 C8 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 33 00 00 00 00
050: 00 00 00 00 00 00 0B 33 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C2 00
070: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
080: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
090: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0A0: 00 00 00 00 00 00 00 00 00 00 C8 33 C8 00 00 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1A
CrystalDiskInfo 6.2.2 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2015/02/13 14:29:33
-- Controller Map ----------------------------------------------------------
+ Intel(R) 82801DB Ultra ATA Storage Controller - 24CB [ATA]
+ Primární kanál IDE (0)
- WDC WD400BB-23JHC0
+ Sekundární kanál IDE (1)
- TOSHIBA ODD-DVD SD-M1802
-- Disk List ---------------------------------------------------------------
(1) WDC WD400BB-23JHC0 : 40,0 GB [0/0/0, pd1] - wd
----------------------------------------------------------------------------
(1) WDC WD400BB-23JHC0
----------------------------------------------------------------------------
Model : WDC WD400BB-23JHC0
Firmware : 06.01C06
Serial Number : WD-WMAMC5396346
Disk Size : 40,0 GB (8,4/40,0/----/40,0)
Buffer Size : 2048 KB
Queue Depth : 1
# of Sectors : 78156288
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-6
Minor Version : ----
Transfer Mode : PIO/DMA | UDMA/100
Power On Hours : 27107 hod.
Power On Count : 2423 krát
Temperature : 29 C (84 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM
APM Level : ----
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 165 155 _21 000000000A94 Čas na roztočení ploten
04 _92 _92 __0 00000000231B Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _63 _63 __0 0000000069E3 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000977 Počet cyklů zapnutí zařízení
C2 114 _78 __0 00000000001D Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 _73 __0 00000003A475 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 574D 414D 4335 3339 3633 3436
020: 0000 1000 0042 3036 2E30 3143 3036 5744 4320 5744
030: 3430 3042 422D 3233 4A48 4330 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: 9200 04A8 0000 0407 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
080: 007E 0000 346B 5B01 4003 3469 1801 4003 003F 0000
090: 0000 0000 FFFE 600B 80FE 0000 0000 0000 0000 0000
100: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 0000
130: 0000 0000 0000 1253 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 67A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0F 00 C8 C8 00 00 00 00 00 00 00 03 03
010: 00 A5 9B 94 0A 00 00 00 00 00 04 32 00 5C 5C 1B
020: 23 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 0F 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 3F 3F E3 69 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0B 12 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 77 09 00 00 00 00 00 C2 22
070: 00 72 4E 1D 00 00 00 00 00 00 C4 32 00 C8 C8 00
080: 00 00 00 00 00 00 C5 12 00 C8 C8 00 00 00 00 00
090: 00 00 C6 10 00 C8 C8 00 00 00 00 00 00 00 C7 3E
0A0: 00 C8 49 75 A4 03 00 00 00 00 C8 09 00 C8 C8 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 B0 04 01 7B
170: 03 00 01 00 02 16 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 01 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 00 00 00 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 33 C8 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 33 00 00 00 00
050: 00 00 00 00 00 00 0B 33 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C2 00
070: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
080: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
090: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0A0: 00 00 00 00 00 00 00 00 00 00 C8 33 C8 00 00 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1A
Re: Prosím o kontrolu, PC se mi zdá pomalejší
Kód: Vybrat vše
C7 200 _73 __0 00000003A475 Počet chyb v kontrolním součtu UltraDMAPokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o kontrolu, PC se mi zdá pomalejší
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-02-2015 02
Ran by Master at 2015-02-13 14:32:52 Run:2
Running from C:\Documents and Settings\Master\Plocha
Loaded Profiles: Master (Available profiles: Master & Administrator)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
BootExecute: autocheck autochk * sdnclean.exe
CHR HKU\S-1-5-21-1390067357-2147094087-725345543-1003\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1390067357-2147094087-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
S3 ALSysIO; \??\C:\DOCUME~1\Master\LOCALS~1\Temp\ALSysIO.sys [X]
2015-02-12 17:41 - 2015-02-12 17:47 - 00000000 ____D () C:\AdwCleaner
2015-02-12 17:40 - 2015-02-12 17:40 - 02112512 _____ () C:\Documents and Settings\Master\Plocha\AdwCleaner.exe
2015-02-12 11:38 - 2015-02-12 11:38 - 00000000 ____D () C:\Documents and Settings\Master\Plocha\FRST-OlderVersion
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
CMD: dir "C:\PROGRA~1"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
"HKU\S-1-5-21-1390067357-2147094087-725345543-1003\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1390067357-2147094087-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}" => Key deleted successfully.
"HKCR\CLSID\{326E768D-4182-46FD-9C16-1449A49795F4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully.
"HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
ALSysIO => Service deleted successfully.
C:\AdwCleaner => Moved successfully.
C:\Documents and Settings\Master\Plocha\AdwCleaner.exe => Moved successfully.
C:\Documents and Settings\Master\Plocha\FRST-OlderVersion => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
========= dir "C:\PROGRA~1" =========
Svazek v jednotce C nem dnou jmenovku.
Sriov slo svazku je ECBB-D5B1.
Vpis adrese C:\PROGRA~1
09.02.2015 08:37 <DIR> .
09.02.2015 08:37 <DIR> ..
10.02.2014 08:36 <DIR> 7-Zip
30.12.2011 19:44 <DIR> Adobe
30.12.2011 18:44 <DIR> Analog Devices
05.07.2014 16:48 <DIR> AnalogX
17.02.2014 17:56 <DIR> Apophysis 2.0
02.01.2012 13:55 <DIR> AVAST Software
19.03.2014 15:45 <DIR> Avery Dennison
23.12.2014 10:39 <DIR> Avidemux 2.6
06.01.2015 11:32 <DIR> Brainwave Generator 3.1.9
29.08.2013 09:45 <DIR> CCleaner
12.02.2015 16:56 <DIR> Common Files
29.12.2011 21:38 <DIR> ComPlus Applications
14.05.2013 13:22 <DIR> Core Temp
14.08.2014 09:26 <DIR> Corel
02.08.2013 15:39 <DIR> DivX
15.09.2014 15:09 <DIR> Electric Sheep
15.08.2014 12:47 <DIR> Fractron 9000
06.02.2014 10:55 <DIR> GIMP 2
02.01.2012 13:58 <DIR> Google
13.03.2012 18:37 <DIR> ICQ7.7
15.09.2014 15:09 <DIR> Inkscape
30.12.2011 18:46 <DIR> Intel
14.11.2013 19:04 <DIR> Internet Explorer
17.04.2014 16:08 <DIR> Java
07.10.2014 11:51 <DIR> KASTNER software
27.02.2012 09:03 <DIR> keyspy
20.03.2014 09:58 <DIR> LabelTasks GO
15.08.2014 12:48 <DIR> Mandelbulber
20.02.2014 14:30 <DIR> Maxthon
15.11.2014 16:27 <DIR> Messenger
29.12.2011 21:42 <DIR> microsoft frontpage
14.08.2014 09:56 <DIR> Microsoft SDKs
19.04.2014 15:45 <DIR> Microsoft Silverlight
14.08.2014 09:58 <DIR> Microsoft Visual Studio 9.0
14.08.2014 09:56 <DIR> Microsoft.NET
16.05.2013 18:20 <DIR> Movie Maker
22.11.2014 18:52 <DIR> Mozilla Firefox
26.01.2015 14:32 <DIR> Mozilla Maintenance Service
12.04.2013 16:11 <DIR> MSBuild
29.12.2011 21:38 <DIR> MSN Gaming Zone
20.01.2015 12:42 <DIR> MultiBit-0.5.18
16.10.2014 13:59 <DIR> MyPhoneExplorer
30.12.2011 19:43 <DIR> NetMeeting
05.02.2015 14:39 <DIR> ObjednavkyJIPPlus
29.12.2011 21:40 <DIR> Online Services
12.05.2014 14:50 <DIR> OpenOffice 4
16.01.2014 15:07 <DIR> OpenOffice.org 3
16.05.2013 18:03 <DIR> Outlook Express
15.09.2014 15:09 <DIR> PDFCreator
06.03.2014 11:19 <DIR> Photo Pos Pro
02.07.2014 13:05 <DIR> Poster-Printery 4
02.07.2014 12:26 <DIR> PosteRazor
12.04.2013 16:11 <DIR> Reference Assemblies
17.01.2014 16:43 <DIR> Spybot - Search & Destroy 2
31.01.2014 18:34 <DIR> SystemRequirementsLab
16.01.2014 09:38 <DIR> Total Uninstall 6
12.02.2015 18:59 <DIR> Trell
16.01.2014 09:38 <DIR> trend micro
12.02.2015 18:58 5 trl.trl
15.09.2014 15:09 <DIR> Ultra Fractal 5
30.12.2011 19:10 <DIR> VideoLAN
01.02.2013 12:15 <DIR> Webteh
29.11.2013 16:13 <DIR> WhoCrashed
24.02.2012 18:46 <DIR> WideStep Software
30.12.2011 19:53 <DIR> Windows Media Player
30.12.2011 19:43 <DIR> Windows NT
15.09.2014 15:09 <DIR> WinRAR
29.12.2011 21:42 <DIR> xerox
31.01.2014 10:50 <DIR> Yamicsoft
18.03.2014 15:19 <DIR> Zoner
12.02.2015 18:58 <DIR> Ztrl
1 soubor, 5 bajt
Adres: 72, Volnch bajt: 2209210368
========= End of CMD: =========
========= dir "%localappdata%" =========
Svazek v jednotce C nem dnou jmenovku.
Sriov slo svazku je ECBB-D5B1.
Vpis adrese C:\Documents and Settings\Master\Plocha
Soubor nebyl nalezen.
========= End of CMD: =========
========= dir "%appdata%" =========
Svazek v jednotce C nem dnou jmenovku.
Sriov slo svazku je ECBB-D5B1.
Vpis adrese C:\Documents and Settings\Master\Data aplikac
15.06.2013 17:43 <DIR> Adobe
31.01.2012 12:41 <DIR> AdobeUM
06.12.2013 15:34 <DIR> AVAST Software
22.03.2014 09:34 <DIR> Avery
23.12.2014 10:41 <DIR> avidemux
03.06.2014 11:10 <DIR> CasaPortale.de
03.04.2012 10:05 <DIR> ChaosPro
14.08.2014 10:20 <DIR> Corel
30.01.2012 09:56 <DIR> DDMSettings
23.01.2012 12:56 <DIR> DivX
14.02.2012 14:35 <DIR> dvdcss
03.04.2012 14:18 <DIR> fltk.org
31.01.2014 16:44 <DIR> Fractron 9000
16.05.2013 15:21 <DIR> Help
15.11.2012 13:23 <DIR> ICQ
30.12.2011 20:05 <DIR> Identities
13.03.2014 10:47 <DIR> Indigo Renderer
20.05.2013 17:25 <DIR> inkscape
12.04.2013 16:34 <DIR> IsolatedStorage
07.10.2014 11:51 <DIR> Kastner software
02.01.2012 14:13 <DIR> Macromedia
27.01.2014 13:44 <DIR> Malwarebytes
07.03.2014 16:24 <DIR> Maxthon3
30.12.2011 21:10 <DIR> Mozilla
20.01.2015 13:31 <DIR> MultiBit
16.10.2014 13:59 <DIR> MyPhoneExplorer
01.06.2013 15:54 <DIR> ObjednavkyJIPPlus
29.11.2013 16:12 <DIR> ObjednavkySPAR
16.01.2014 15:11 <DIR> OpenOffice
30.12.2011 21:20 <DIR> OpenOffice.org
14.05.2013 10:55 <DIR> PDF Architect
31.01.2014 16:38 <DIR> Software Informer
09.01.2012 18:52 <DIR> Sun
14.05.2013 10:46 <DIR> TuneUp Software
09.04.2014 15:50 <DIR> Ultra Fractal 5
27.08.2012 11:51 <DIR> vlc
05.01.2012 19:13 <DIR> WinRAR
26.06.2012 09:09 <DIR> wtxpcom
18.03.2014 15:39 <DIR> Zoner
0 soubor, 0 bajt
Adres: 39, Volnch bajt: 2209206272
========= End of CMD: =========
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 826.2 MB temporary data.
The system needed a reboot.
==== End of Fixlog 14:35:04 ====
Ran by Master at 2015-02-13 14:32:52 Run:2
Running from C:\Documents and Settings\Master\Plocha
Loaded Profiles: Master (Available profiles: Master & Administrator)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
BootExecute: autocheck autochk * sdnclean.exe
CHR HKU\S-1-5-21-1390067357-2147094087-725345543-1003\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1390067357-2147094087-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
S3 ALSysIO; \??\C:\DOCUME~1\Master\LOCALS~1\Temp\ALSysIO.sys [X]
2015-02-12 17:41 - 2015-02-12 17:47 - 00000000 ____D () C:\AdwCleaner
2015-02-12 17:40 - 2015-02-12 17:40 - 02112512 _____ () C:\Documents and Settings\Master\Plocha\AdwCleaner.exe
2015-02-12 11:38 - 2015-02-12 11:38 - 00000000 ____D () C:\Documents and Settings\Master\Plocha\FRST-OlderVersion
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
CMD: dir "C:\PROGRA~1"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
"HKU\S-1-5-21-1390067357-2147094087-725345543-1003\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1390067357-2147094087-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}" => Key deleted successfully.
"HKCR\CLSID\{326E768D-4182-46FD-9C16-1449A49795F4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully.
"HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
ALSysIO => Service deleted successfully.
C:\AdwCleaner => Moved successfully.
C:\Documents and Settings\Master\Plocha\AdwCleaner.exe => Moved successfully.
C:\Documents and Settings\Master\Plocha\FRST-OlderVersion => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
========= dir "C:\PROGRA~1" =========
Svazek v jednotce C nem dnou jmenovku.
Sriov slo svazku je ECBB-D5B1.
Vpis adrese C:\PROGRA~1
09.02.2015 08:37 <DIR> .
09.02.2015 08:37 <DIR> ..
10.02.2014 08:36 <DIR> 7-Zip
30.12.2011 19:44 <DIR> Adobe
30.12.2011 18:44 <DIR> Analog Devices
05.07.2014 16:48 <DIR> AnalogX
17.02.2014 17:56 <DIR> Apophysis 2.0
02.01.2012 13:55 <DIR> AVAST Software
19.03.2014 15:45 <DIR> Avery Dennison
23.12.2014 10:39 <DIR> Avidemux 2.6
06.01.2015 11:32 <DIR> Brainwave Generator 3.1.9
29.08.2013 09:45 <DIR> CCleaner
12.02.2015 16:56 <DIR> Common Files
29.12.2011 21:38 <DIR> ComPlus Applications
14.05.2013 13:22 <DIR> Core Temp
14.08.2014 09:26 <DIR> Corel
02.08.2013 15:39 <DIR> DivX
15.09.2014 15:09 <DIR> Electric Sheep
15.08.2014 12:47 <DIR> Fractron 9000
06.02.2014 10:55 <DIR> GIMP 2
02.01.2012 13:58 <DIR> Google
13.03.2012 18:37 <DIR> ICQ7.7
15.09.2014 15:09 <DIR> Inkscape
30.12.2011 18:46 <DIR> Intel
14.11.2013 19:04 <DIR> Internet Explorer
17.04.2014 16:08 <DIR> Java
07.10.2014 11:51 <DIR> KASTNER software
27.02.2012 09:03 <DIR> keyspy
20.03.2014 09:58 <DIR> LabelTasks GO
15.08.2014 12:48 <DIR> Mandelbulber
20.02.2014 14:30 <DIR> Maxthon
15.11.2014 16:27 <DIR> Messenger
29.12.2011 21:42 <DIR> microsoft frontpage
14.08.2014 09:56 <DIR> Microsoft SDKs
19.04.2014 15:45 <DIR> Microsoft Silverlight
14.08.2014 09:58 <DIR> Microsoft Visual Studio 9.0
14.08.2014 09:56 <DIR> Microsoft.NET
16.05.2013 18:20 <DIR> Movie Maker
22.11.2014 18:52 <DIR> Mozilla Firefox
26.01.2015 14:32 <DIR> Mozilla Maintenance Service
12.04.2013 16:11 <DIR> MSBuild
29.12.2011 21:38 <DIR> MSN Gaming Zone
20.01.2015 12:42 <DIR> MultiBit-0.5.18
16.10.2014 13:59 <DIR> MyPhoneExplorer
30.12.2011 19:43 <DIR> NetMeeting
05.02.2015 14:39 <DIR> ObjednavkyJIPPlus
29.12.2011 21:40 <DIR> Online Services
12.05.2014 14:50 <DIR> OpenOffice 4
16.01.2014 15:07 <DIR> OpenOffice.org 3
16.05.2013 18:03 <DIR> Outlook Express
15.09.2014 15:09 <DIR> PDFCreator
06.03.2014 11:19 <DIR> Photo Pos Pro
02.07.2014 13:05 <DIR> Poster-Printery 4
02.07.2014 12:26 <DIR> PosteRazor
12.04.2013 16:11 <DIR> Reference Assemblies
17.01.2014 16:43 <DIR> Spybot - Search & Destroy 2
31.01.2014 18:34 <DIR> SystemRequirementsLab
16.01.2014 09:38 <DIR> Total Uninstall 6
12.02.2015 18:59 <DIR> Trell
16.01.2014 09:38 <DIR> trend micro
12.02.2015 18:58 5 trl.trl
15.09.2014 15:09 <DIR> Ultra Fractal 5
30.12.2011 19:10 <DIR> VideoLAN
01.02.2013 12:15 <DIR> Webteh
29.11.2013 16:13 <DIR> WhoCrashed
24.02.2012 18:46 <DIR> WideStep Software
30.12.2011 19:53 <DIR> Windows Media Player
30.12.2011 19:43 <DIR> Windows NT
15.09.2014 15:09 <DIR> WinRAR
29.12.2011 21:42 <DIR> xerox
31.01.2014 10:50 <DIR> Yamicsoft
18.03.2014 15:19 <DIR> Zoner
12.02.2015 18:58 <DIR> Ztrl
1 soubor, 5 bajt
Adres: 72, Volnch bajt: 2209210368
========= End of CMD: =========
========= dir "%localappdata%" =========
Svazek v jednotce C nem dnou jmenovku.
Sriov slo svazku je ECBB-D5B1.
Vpis adrese C:\Documents and Settings\Master\Plocha
Soubor nebyl nalezen.
========= End of CMD: =========
========= dir "%appdata%" =========
Svazek v jednotce C nem dnou jmenovku.
Sriov slo svazku je ECBB-D5B1.
Vpis adrese C:\Documents and Settings\Master\Data aplikac
15.06.2013 17:43 <DIR> Adobe
31.01.2012 12:41 <DIR> AdobeUM
06.12.2013 15:34 <DIR> AVAST Software
22.03.2014 09:34 <DIR> Avery
23.12.2014 10:41 <DIR> avidemux
03.06.2014 11:10 <DIR> CasaPortale.de
03.04.2012 10:05 <DIR> ChaosPro
14.08.2014 10:20 <DIR> Corel
30.01.2012 09:56 <DIR> DDMSettings
23.01.2012 12:56 <DIR> DivX
14.02.2012 14:35 <DIR> dvdcss
03.04.2012 14:18 <DIR> fltk.org
31.01.2014 16:44 <DIR> Fractron 9000
16.05.2013 15:21 <DIR> Help
15.11.2012 13:23 <DIR> ICQ
30.12.2011 20:05 <DIR> Identities
13.03.2014 10:47 <DIR> Indigo Renderer
20.05.2013 17:25 <DIR> inkscape
12.04.2013 16:34 <DIR> IsolatedStorage
07.10.2014 11:51 <DIR> Kastner software
02.01.2012 14:13 <DIR> Macromedia
27.01.2014 13:44 <DIR> Malwarebytes
07.03.2014 16:24 <DIR> Maxthon3
30.12.2011 21:10 <DIR> Mozilla
20.01.2015 13:31 <DIR> MultiBit
16.10.2014 13:59 <DIR> MyPhoneExplorer
01.06.2013 15:54 <DIR> ObjednavkyJIPPlus
29.11.2013 16:12 <DIR> ObjednavkySPAR
16.01.2014 15:11 <DIR> OpenOffice
30.12.2011 21:20 <DIR> OpenOffice.org
14.05.2013 10:55 <DIR> PDF Architect
31.01.2014 16:38 <DIR> Software Informer
09.01.2012 18:52 <DIR> Sun
14.05.2013 10:46 <DIR> TuneUp Software
09.04.2014 15:50 <DIR> Ultra Fractal 5
27.08.2012 11:51 <DIR> vlc
05.01.2012 19:13 <DIR> WinRAR
26.06.2012 09:09 <DIR> wtxpcom
18.03.2014 15:39 <DIR> Zoner
0 soubor, 0 bajt
Adres: 39, Volnch bajt: 2209206272
========= End of CMD: =========
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 826.2 MB temporary data.
The system needed a reboot.
==== End of Fixlog 14:35:04 ====
Re: Prosím o kontrolu, PC se mi zdá pomalejší
Ted uz bych jen uklidil pouzite nastroje - logy jsou ciste... zlepsil se stav PC ci budeme patrat dal?
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Přispějete na provoz fóra?