
Please check, my browser is freezing too

Posted: 24 Sep 2015 09:50
by trader
Hello,

please check this for me, my browser keeps freezing. Removing plugins and add-ons did not help, and neither did refreshing Firefox. Sometimes the PC itself freezes too, and now and then an ad pops up in Firefox..... Thanks.
Have a nice day....

Here is the log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by PC at 2015-09-24 10:40:19
Microsoft Windows 7 Home Premium
System drive C: has 53 GB (53%) free of 100 GB
Total RAM: 3949 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:40:31, on 24.9.2015
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Users\PC\AppData\Local\Akamai\netsession_win.exe
C:\Users\PC\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\PC\AppData\Roaming\MetaTrader 4 IC Markets\terminal.exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID= ... EF922F2AFE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID= ... EF922F2AFE
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\PC\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [EPSON SX210 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFDE.EXE /FU "C:\Windows\TEMP\E_S50D1.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - https://fpdownload.macromedia.com/get/s ... wflash.cab
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Autodesk Moldflow Inventor Tool Suite Integration 2013 Job Manager (mitsijm2013) - - D:\Autodesk Inventor 2014\Inventor 2013\Moldflow\bin\mitsijm.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8816 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"taskhost.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"D:\Autodesk Inventor 2014\Inventor 2013\Moldflow\bin\mitsijm.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
WDC.exe
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:/Users/PC/AppData/Local/Akamai/netsession_win.exe"
"C:/Users/PC/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
taskeng.exe {F16B26AE-CE04-427B-A815-D5CAD1D4BA93}
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical

"C:\Users\PC\AppData\Roaming\MetaTrader 4 IC Markets\terminal.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\PC\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\Bidaily Synchronize Task[8da6].job - c:\programdata\{47b0b122-1e77-7263-47b0-0b1221e7c488}\hqghumeaylnlf.exe --startup=1 --single
C:\Windows\tasks\Superclean.job - c:\programdata\{150327e8-1104-0f6e-1503-327e81109fa0}\hqghumeaylnlf.exe --startup=1 --single

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwnh3ymp.default-1435784006140

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.185 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameEU.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.185 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-01-13 635784]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-05 415680]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=C:\Users\PC\AppData\Local\Akamai\netsession_win.exe [2015-09-10 4691384]
"EPSON SX210 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFDE.EXE [2008-11-05 223232]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-11-25 98304]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-02-04 7350912]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-01-05 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-09-24 10:40:19 ----D---- C:\rsit
2015-09-24 10:40:19 ----D---- C:\Program Files\trend micro
2015-09-24 09:44:00 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-09-24 09:43:37 ----D---- C:\ProgramData\Malwarebytes
2015-09-24 09:43:37 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-24 09:43:37 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-09-24 09:43:37 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-09-24 09:43:37 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-09-23 21:50:42 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-12 10:23:07 ----D---- C:\Users\PC\AppData\Roaming\avidemux
2015-09-12 10:11:39 ----D---- C:\Program Files (x86)\Codec Pack - All In 1
2015-09-08 12:45:07 ----D---- C:\Users\PC\AppData\Roaming\MetaTrader 4 IC Markets
2015-09-06 16:35:23 ----D---- C:\Users\PC\AppData\Roaming\Nero
2015-09-06 16:34:03 ----D---- C:\ProgramData\Nero
2015-09-02 14:06:34 ----D---- C:\ProgramData\6de52b6c000016f9

======List of files/folders modified in the last 1 month======

2015-09-24 10:40:31 ----D---- C:\Windows\Prefetch
2015-09-24 10:40:19 ----RD---- C:\Program Files
2015-09-24 10:38:01 ----D---- C:\Windows\Temp
2015-09-24 10:20:22 ----SHD---- C:\Windows\Installer
2015-09-24 10:17:29 ----D---- C:\Windows\system32\drivers
2015-09-24 10:03:59 ----D---- C:\Users\PC\AppData\Roaming\rmi
2015-09-24 09:46:19 ----RD---- C:\Program Files (x86)
2015-09-24 09:46:09 ----D---- C:\Windows\system32\Tasks
2015-09-24 09:43:37 ----HD---- C:\ProgramData
2015-09-24 09:40:15 ----SHD---- C:\System Volume Information
2015-09-24 09:31:28 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-09-24 09:21:38 ----D---- C:\Windows\inf
2015-09-24 09:20:38 ----D---- C:\Windows
2015-09-23 19:48:04 ----D---- C:\Windows\System32
2015-09-23 19:48:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-22 21:43:15 ----D---- C:\Windows\system32\drivers\etc
2015-09-22 16:56:26 ----A---- C:\Windows\system32\MetaViewer64.dll
2015-09-22 16:16:33 ----D---- C:\Windows\SysWOW64
2015-09-22 16:16:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-09-21 18:52:01 ----D---- C:\Windows\system32\config
2015-09-18 06:09:26 ----D---- C:\Windows\system32\catroot2
2015-09-12 10:11:08 ----A---- C:\Windows\iun6002.exe
2015-09-08 09:36:28 ----D---- C:\ProgramData\Microsoft Help
2015-09-07 15:28:55 ----D---- C:\Users\PC\AppData\Roaming\MetaQuotes
2015-09-06 16:34:02 ----D---- C:\Program Files (x86)\Common Files
2015-09-05 20:22:13 ----D---- C:\Windows\Tasks
2015-09-05 20:22:13 ----D---- C:\ProgramData\{426a60e0-2d74-2090-426a-a60e02d78380}
2015-09-02 15:26:52 ----D---- C:\Windows\system32\catroot
2015-09-02 15:21:55 ----D---- C:\Program Files (x86)\Iron Man Lego Adventures
2015-09-02 14:12:02 ----D---- C:\Windows\system32\DriverStore
2015-09-02 14:11:23 ----D---- C:\Program Files\Common Files
2015-09-02 13:32:04 ----RSD---- C:\Windows\assembly
2015-09-02 13:32:00 ----D---- C:\ProgramData\SolidWorks
2015-09-02 13:29:25 ----RSD---- C:\Windows\Fonts
2015-09-02 13:29:02 ----D---- C:\Program Files\Common Files\SolidWorks Shared
2015-09-02 13:26:06 ----D---- C:\Windows\Microsoft.NET
2015-09-02 13:23:05 ----D---- C:\Program Files\SolidWorks Corp
2015-09-02 13:10:16 ----DC---- C:\Windows\system32\DRVSTORE
2015-08-30 10:48:47 ----D---- C:\Windows\Minidump
2015-08-29 21:21:21 ----SD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 LUMDriver;LUMDriver; \??\C:\Windows\system32\drivers\LUMDriver.sys [2008-01-02 24848]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-11-26 8120320]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-11-26 289792]
R3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-01-18 128512]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2013-06-20 115312]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-03-17 25816]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 109056]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-04-22 30352]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-03-17 63704]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
S3 xhunter1;xhunter1; \??\C:\Windows\xhunter1.sys []
S4 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-11-26 203776]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2007-12-17 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 mitsijm2013;Autodesk Moldflow Inventor Tool Suite Integration 2013 Job Manager; D:\Autodesk Inventor 2014\Inventor 2013\Moldflow\bin\mitsijm.exe [2012-01-30 339776]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-04-17 5448976]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-03-17 1080120]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22 269000]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-04-28 1432400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-09-18 147624]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-09 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

Re: Please check, my browser is freezing too

Posted: 24 Sep 2015 10:14
by vyosek
Hello :)

Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • After it starts, the database will be downloaded
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then the log will appear, or it will be saved in the folder c:\AdwCleaner[C?].txt; paste it here

Re: Please check, my browser is freezing too

Posted: 24 Sep 2015 10:29
by trader
# AdwCleaner v5.008 - Logfile created 24/09/2015 at 11:27:30
# Updated 18/09/2015 by Xplode
# Database : 2015-09-23.1 [Server]
# Operating system : Windows 7 Home Premium (x64)
# Username : PC - PC-PC
# Running from : C:\Users\PC\Desktop\adwcleaner_5.008.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[#] Folder Deleted : C:\Program Files (x86)\Applian Technologies
[#] Folder Deleted : C:\Program Files (x86)\DNS Unlocker
[#] Folder Deleted : C:\ProgramData\apn
[#] Folder Deleted : C:\ProgramData\11228585537696822731
[#] Folder Deleted : C:\ProgramData\46258d8a0000655b
[#] Folder Deleted : C:\ProgramData\6de52b6c000016f9
[#] Folder Deleted : C:\ProgramData\e2815d8800000c89
[#] Folder Deleted : C:\ProgramData\{068df300-372f-287f-068d-df300372cc00}
[#] Folder Deleted : C:\ProgramData\{150327e8-1104-0f6e-1503-327e81109fa0}
[#] Folder Deleted : C:\ProgramData\{28d41fd0-a24f-99bf-28d4-41fd0a247f42}
[#] Folder Deleted : C:\ProgramData\{2e30f34e-5692-d070-2e30-0f34e569cd39}
[#] Folder Deleted : C:\ProgramData\{426a60e0-2d74-2090-426a-a60e02d78380}
[#] Folder Deleted : C:\ProgramData\{433def0f-344c-267e-433d-def0f344bc3c}
[#] Folder Deleted : C:\ProgramData\{47b0b122-1e77-7263-47b0-0b1221e7c488}
[#] Folder Deleted : C:\ProgramData\{5af85d7c-9ac0-00a4-5af8-85d7c9ac75f2}
[#] Folder Deleted : C:\ProgramData\{5cf4c3a1-3256-0eae-5cf4-4c3a13250e84}
[#] Folder Deleted : C:\ProgramData\{acad939d-421c-319a-acad-d939d4214e75}
[#] Folder Deleted : C:\ProgramData\{aebaff2d-4189-6005-aeba-aff2d418fcb5}
[#] Folder Deleted : C:\ProgramData\{b43c9133-e082-140c-b43c-c9133e0844cf}
[#] Folder Deleted : C:\ProgramData\{f9fc2032-9e8d-164e-f9fc-c20329e880ca}

***** [ Files ] *****

[-] File Deleted : C:\Program Files (x86)\mozilla firefox\dbghelp.dll
[-] File Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwnh3ymp.default-1435784006140\user.js

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : Superclean

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Classes\pokki
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
[-] Key Deleted : HKLM\SOFTWARE\64d14591-1866-4ff7-7368-efaac3e83bb0
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1F831F60-05FB-474D-93A3-42DA68E7EB8F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4DDEC9FF-96A3-4B1B-ADCA-0B31EC700151}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{995AEC82-0E5F-419A-864E-4E50012D0863}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9A44AB5B-B488-42A3-8D2B-7A0DA772F3A4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{67B87BDE-141A-4CB3-AC00-49501C139D4A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7EC98BCF-D6E3-45FF-9DB6-1771AE5D3016}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\WEBAPP
[-] Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
[-] Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3FC46A0-9B62-0EF3-B475-743B3A2762B1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B138259A-351E-33FA-2726-8D71704F1DA9}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F1422DAA-0829-09A1-7536-73936CAB8FFA}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1527582-8509-4011-B922-29E3FB548882}_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{53B21E29-3967-C332-57EB-C02631658584}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B696F285-F54E-2524-58B1-E06A70ABE6BE}
[!] Key Not Deleted : [x64] HKCU\Software\Conduit
[!] Key Not Deleted : [x64] HKCU\Software\WEBAPP

***** [ Web browsers ] *****

[-] [C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwnh3ymp.default-1435784006140\prefs.js] [Preference] Deleted : user_pref("extensions.28LwWlQPOIxCf0VM.scode", "(function(){try{if(window.location.href.indexOf(\"rjs7rTg6pdn5rjn6qjr9pdC7qTn\")>-1){return;}}catch(e){}try{var d=[[\"www.ewoss.com\",\"livewebcams.xyz\[...]
[-] [C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwnh3ymp.default-1435784006140\prefs.js] [Preference] Deleted : user_pref("extensions.5Lg98dMjDuBtcYNp.scode", "(function(){try{if(window.location.href.indexOf(\"rjs7rTg6pdn5rjn6qjr9pdC7qTn\")>-1){return;}}catch(e){}try{var d=[[\"www.ewoss.com\",\"livewebcams.xyz\[...]
[-] [C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwnh3ymp.default-1435784006140\prefs.js] [Preference] Deleted : user_pref("extensions.xRK7o0306IKI8ffP.scode", "(function(){try{if(window.location.href.indexOf(\"rjr8qdw8rdU8qja4rHnGqTs6qHY\")>-1){return;}}catch(e){}try{var d=[[\"www.ewoss.com\",\"livewebcams.xyz\[...]

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5396 bytes] ##########


PS: so far it hasn't helped :(

Re: please check, my browser is freezing too

Posted: 24 Sep 2015 11:25
by vyosek
Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (Spustit jako správce in Czech Windows)
  • Paste the script below into the window

    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
    
  • Then click Run Script
  • The PC will perform the repair, restart, and give you a log; paste its contents here

Re: please check, my browser is freezing too

Posted: 24 Sep 2015 12:14
by trader
Zoek.exe v5.0.0.0 Updated 23-09-2015
Tool run by PC on źt 24.09.2015 at 12:32:11,64.
Microsoft Windows 7 Home Premium 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\PC\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

24.9.2015 12:33:29 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\ALNO deleted successfully
C:\PROGRA~2\COMMON~1\Nero deleted successfully
C:\Program Files\Common Files\Adobe deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\PC\AppData\Roaming\DAEMON Tools Lite deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwnh3ymp.default-1435784006140\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/");

Added to C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwnh3ymp.default-1435784006140\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\ALNO not found
C:\PROGRA~2\Iron Man Lego Adventures deleted
C:\windows\SysNative\Tasks\Bidaily Synchronize Task[8da6] deleted
C:\Users\PC\AppData\Local\BIT7EFF.tmp deleted
C:\Users\PC\AppData\Local\cache deleted
C:\Windows\tasks\Bidaily Synchronize Task[8da6].job deleted
C:\Users\PC\AppData\Local\MSGBOX.EXE deleted
"C:\Users\PC\AppData\Local\{12618C34-45D1-49D7-884C-9A5D21E7794D}" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwnh3ymp.default-1435784006140
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwnh3ymp.default-1435784006140
F2CD1D7524F8E15AAC55568B9F72DE5B - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll - Nexon Game Controller
F3B0E300AFC94E1A775A2D935A7D384F - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll - Shockwave for Director / Shockwave for Director
1A62BB86D17B8DC0D4339BACC8D60635 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll - Shockwave Flash


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\PC\AppData\Local\Google\Chrome deleted

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkID= ... EF922F2AFE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkID= ... EF922F2AFE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

Nothing found to reset

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\PC\AppData\Local\Mozilla\Firefox\Profiles\cwnh3ymp.default-1435784006140\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=244 folders=5 1847174 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\PC\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\PC\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Cookies" not found
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\History" not found
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files" not found

==== EOF on źt 24.09.2015 at 13:12:51,41 ======================

Re: please check, my browser is freezing too

Posted: 24 Sep 2015 12:23
by vyosek
Please post a new log from FRST

Re: please check, my browser is freezing too

Posted: 24 Sep 2015 12:27
by trader
FRST cannot be run, even though I have it on the desktop...

Re: please check, my browser is freezing too

Posted: 24 Sep 2015 12:50
by vyosek
Then run just FRST on its own

Re: please check, my browser is freezing too

Posted: 24 Sep 2015 12:53
by trader
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
Ran by PC (administrator) on PC-PC (24-09-2015 13:49:05)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Platform: Windows 7 Home Premium (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
( ) D:\Autodesk Inventor 2014\Inventor 2013\Moldflow\bin\mitsijm.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Akamai Technologies, Inc.) C:\Users\PC\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\PC\AppData\Local\Akamai\netsession_win.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [635784 2010-01-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-11-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-01-05] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-139781314-3124158933-651485233-1001\...\Run: [Akamai NetSession Interface] => C:\Users\PC\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-139781314-3124158933-651485233-1001\...\Run: [EPSON SX210 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFDE.EXE [223232 2008-11-05] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-139781314-3124158933-651485233-1001\...\Policies\Explorer: []
HKU\S-1-5-21-139781314-3124158933-651485233-1001\...\MountPoints2: {37bc4751-806a-11e4-994f-74f06da41053} - F:\LenovoUsbDriver.exe
HKU\S-1-5-21-139781314-3124158933-651485233-1001\...\MountPoints2: {a260158f-e8d7-11e4-81b3-74f06da41053} - F:\INTEL\startspk.exe
HKU\S-1-5-21-139781314-3124158933-651485233-1001\...\MountPoints2: {a260165f-e8d7-11e4-81b3-74f06da41053} - G:\INTEL\startspk.exe
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2012-02-07] (Autodesk, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-139781314-3124158933-651485233-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{613022DA-203C-422C-8A4E-69B1D363057B}: [NameServer] 82.163.143.172,82.163.142.174
Tcpip\..\Interfaces\{613022DA-203C-422C-8A4E-69B1D363057B}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130856695544674862&GUID=4F1958EB-2ADC-45B2-998E-CEEF922F2AFE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130856695544830862&GUID=4F1958EB-2ADC-45B2-998E-CEEF922F2AFE
HKU\S-1-5-21-139781314-3124158933-651485233-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130856695544830862&GUID=4F1958EB-2ADC-45B2-998E-CEEF922F2AFE
SearchScopes: HKU\S-1-5-21-139781314-3124158933-651485233-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwnh3ymp.default-1435784006140
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-01-27] (Oracle Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2015-02-10] (Nexon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [163840 2007-12-17] (SEIKO EPSON CORPORATION) [File not signed]
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [126464 2007-01-11] (SEIKO EPSON CORPORATION) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 mitsijm2013; D:\Autodesk Inventor 2014\Inventor 2013\Moldflow\bin\mitsijm.exe [339776 2012-01-30] ( )
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-22] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-24 13:49 - 2015-09-24 13:49 - 00012311 _____ C:\Users\PC\Desktop\FRST.txt
2015-09-24 13:48 - 2015-09-24 13:49 - 00000000 ____D C:\FRST
2015-09-24 13:48 - 2015-09-24 13:48 - 02192384 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2015-09-24 13:25 - 2015-09-24 13:47 - 00029696 _____ C:\Users\PC\AppData\Local\MSGBOX.EXE
2015-09-24 13:25 - 2015-09-24 13:25 - 00112640 _____ (forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher.exe
2015-09-24 13:11 - 2015-09-24 12:32 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-09-24 12:33 - 2015-09-24 13:12 - 00008926 _____ C:\zoek-results.log
2015-09-24 12:33 - 2015-09-24 12:33 - 00448000 _____ C:\Users\PC\Desktop\StrengthMeter.xls
2015-09-24 12:32 - 2015-09-24 13:12 - 00000000 ____D C:\zoek_backup
2015-09-24 11:21 - 2015-09-24 11:27 - 00000000 ____D C:\AdwCleaner
2015-09-24 10:58 - 2015-09-24 10:58 - 00026352 _____ C:\Windows\System32\Tasks\DNSTRAWICK
2015-09-24 10:40 - 2015-09-24 10:40 - 00000000 ____D C:\rsit
2015-09-24 10:40 - 2015-09-24 10:40 - 00000000 ____D C:\Program Files\trend micro
2015-09-24 09:44 - 2015-09-24 09:44 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-24 09:43 - 2015-09-24 09:43 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-24 09:43 - 2015-09-24 09:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-24 09:43 - 2015-09-24 09:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-24 09:43 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-24 09:43 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-24 09:43 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-24 09:20 - 2015-09-24 13:12 - 00003594 _____ C:\Windows\PFRO.log
2015-09-24 09:20 - 2015-09-24 13:12 - 00000224 _____ C:\Windows\setupact.log
2015-09-24 09:20 - 2015-09-24 09:20 - 00000000 _____ C:\Windows\setuperr.log
2015-09-23 21:50 - 2015-09-23 21:50 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-23 21:50 - 2015-09-23 21:50 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-09-23 21:50 - 2015-09-23 21:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-23 21:43 - 2015-09-23 21:43 - 00101570 _____ C:\Users\PC\Desktop\bookmarks-2015-09-23.json
2015-09-23 21:32 - 2015-09-23 21:32 - 00007603 _____ C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2015-09-12 10:23 - 2015-09-12 10:31 - 00000000 ____D C:\Users\PC\AppData\Roaming\avidemux
2015-09-12 10:11 - 2015-09-12 10:11 - 00000000 ____D C:\Program Files (x86)\Codec Pack - All In 1
2015-09-08 12:45 - 2015-09-22 20:27 - 00000000 ____D C:\Users\PC\AppData\Roaming\MetaTrader 4 IC Markets
2015-09-08 12:45 - 2015-09-08 12:45 - 00001942 _____ C:\Users\PC\Desktop\MetaTrader 4 IC Markets.lnk
2015-09-08 12:45 - 2015-09-08 12:45 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaTrader 4 IC Markets
2015-09-08 12:38 - 2015-09-08 12:38 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaTrader 4
2015-09-06 16:35 - 2015-09-06 16:39 - 00000000 ____D C:\Users\PC\AppData\Roaming\Nero
2015-09-06 16:34 - 2015-09-21 18:10 - 00000000 ____D C:\ProgramData\Nero
2015-09-05 20:52 - 2015-09-05 20:52 - 00003164 _____ C:\Windows\System32\Tasks\{18A8225A-A9B0-4B8F-BC5F-A2983D58DA5A}
2015-09-02 14:09 - 2015-09-02 14:11 - 00001594 _____ C:\Windows\VPNUnInstall.MIF

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-24 13:20 - 2009-07-14 06:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-24 13:20 - 2009-07-14 06:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-24 13:16 - 2014-01-27 02:10 - 01886915 _____ C:\Windows\WindowsUpdate.log
2015-09-24 13:12 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-24 13:05 - 2014-01-27 02:26 - 00000000 ____D C:\Users\PC\AppData\Local\Google
2015-09-24 12:59 - 2015-07-06 15:42 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-24 11:27 - 2015-02-11 21:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-24 10:20 - 2014-01-27 11:46 - 00000000 ____D C:\Users\PC\AppData\Local\Akamai
2015-09-24 10:03 - 2014-01-27 21:22 - 00000000 ____D C:\Users\PC\AppData\Roaming\rmi
2015-09-23 19:48 - 2009-07-14 17:18 - 00671630 _____ C:\Windows\system32\perfh005.dat
2015-09-23 19:48 - 2009-07-14 17:18 - 00142194 _____ C:\Windows\system32\perfc005.dat
2015-09-23 19:48 - 2009-07-14 07:13 - 01590850 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-22 20:59 - 2014-06-24 13:28 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-09-22 16:56 - 2014-03-25 09:53 - 06003720 _____ (MetaQuotes Software Corp.) C:\Windows\system32\MetaViewer64.dll
2015-09-22 16:16 - 2015-07-06 15:42 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-22 16:16 - 2015-07-06 15:42 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-22 16:16 - 2015-07-06 15:42 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-20 19:12 - 2015-08-10 12:20 - 00000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-12 10:11 - 2014-01-27 12:42 - 00737280 _____ (Indigo Rose Corporation) C:\Windows\iun6002.exe
2015-09-12 10:11 - 2014-01-27 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codec Pack
2015-09-08 09:36 - 2014-03-29 19:22 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-07 15:28 - 2014-01-27 02:26 - 00000000 ____D C:\Users\PC\AppData\Roaming\MetaQuotes
2015-09-05 21:42 - 2014-01-27 02:08 - 00000000 ____D C:\Users\PC
2015-09-05 20:53 - 2014-01-27 02:08 - 00000000 ____D C:\Users\PC\AppData\Local\VirtualStore
2015-09-02 17:14 - 2009-07-14 06:45 - 00404296 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-02 14:07 - 2014-01-27 02:14 - 00115616 _____ C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-02 13:32 - 2015-05-04 11:34 - 00000000 ____D C:\ProgramData\SolidWorks
2015-09-02 13:29 - 2015-05-03 13:24 - 00000000 ____D C:\Program Files\Common Files\SolidWorks Shared
2015-09-02 13:23 - 2015-05-03 13:23 - 00000000 ____D C:\Program Files\SolidWorks Corp
2015-08-30 10:48 - 2014-02-15 12:38 - 00000000 ____D C:\Windows\Minidump
2015-08-27 18:05 - 2014-06-24 13:28 - 00000000 ____D C:\Users\PC\Documents\GTA San Andreas User Files

==================== Files in the root of some directories =======

2015-03-05 14:27 - 2015-03-05 14:27 - 0003584 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-24 13:25 - 2015-09-24 13:47 - 0029696 _____ () C:\Users\PC\AppData\Local\MSGBOX.EXE
2015-09-23 21:32 - 2015-09-23 21:32 - 0007603 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2015-06-04 10:18 - 2015-06-04 10:18 - 0000000 _____ () C:\Users\PC\AppData\Local\Temp.dat
2014-04-28 10:32 - 2014-04-28 10:32 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-02-19 15:16 - 2015-02-19 15:16 - 0000115 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-21 18:33

==================== End of FRST.txt ============================

Re: please check, my browser is freezing too

Posted: 25 Sep 2015 06:58
by vyosek
:arrow: Uninstall Spybot - Search & Destroy - the program's best years are long behind it, and for roughly the last 3 years it has not been able to counter current threats

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\S-1-5-21-139781314-3124158933-651485233-1001\...\Run: [Akamai NetSession Interface] => C:\Users\PC\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-139781314-3124158933-651485233-1001\...\Policies\Explorer: []
    HKU\S-1-5-21-139781314-3124158933-651485233-1001\...\MountPoints2: {37bc4751-806a-11e4-994f-74f06da41053} - F:\LenovoUsbDriver.exe
    HKU\S-1-5-21-139781314-3124158933-651485233-1001\...\MountPoints2: {a260158f-e8d7-11e4-81b3-74f06da41053} - F:\INTEL\startspk.exe
    HKU\S-1-5-21-139781314-3124158933-651485233-1001\...\MountPoints2: {a260165f-e8d7-11e4-81b3-74f06da41053} - G:\INTEL\startspk.exe
    BootExecute: autocheck autochk * sdnclean64.exe
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
    CHR HKU\S-1-5-21-139781314-3124158933-651485233-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
    
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID= ... EF922F2AFE
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID= ... EF922F2AFE
    HKU\S-1-5-21-139781314-3124158933-651485233-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID= ... EF922F2AFE
    
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
    S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
    S3 xhunter1; \??\C:\Windows\xhunter1.sys [X
    
    C:\Program Files (x86)\Spybot - Search & Destroy 2
    2015-09-24 13:49 - 2015-09-24 13:49 - 00012311 _____ C:\Users\PC\Desktop\FRST.txt
    2015-09-24 13:25 - 2015-09-24 13:47 - 00029696 _____ C:\Users\PC\AppData\Local\MSGBOX.EXE
    2015-09-24 13:25 - 2015-09-24 13:25 - 00112640 _____ (forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher.exe
    2015-09-24 13:11 - 2015-09-24 12:32 - 00024064 _____ C:\Windows\zoek-delete.exe
    2015-09-24 12:33 - 2015-09-24 13:12 - 00008926 _____ C:\zoek-results.log
    2015-09-24 12:32 - 2015-09-24 13:12 - 00000000 ____D C:\zoek_backup
    2015-09-24 11:21 - 2015-09-24 11:27 - 00000000 ____D C:\AdwCleaner
    2015-09-24 10:40 - 2015-09-24 10:40 - 00000000 ____D C:\rsit
    2015-09-24 10:40 - 2015-09-24 10:40 - 00000000 ____D C:\Program Files\trend micro
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    
    Hosts:
    EmptyTemp:
    Reboot:
    End
    
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here for me

Re: please check, my browser is freezing too

Posted: 25 Sep 2015 09:25
by trader
Fix result of Farbar Recovery Scan Tool (x64) Version:23-09-2015
Ran by PC (2015-09-25 10:21:38) Run:1
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-139781314-3124158933-651485233-1001\...\Run: [Akamai NetSession Interface] => C:\Users\PC\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-139781314-3124158933-651485233-1001\...\Policies\Explorer: []
HKU\S-1-5-21-139781314-3124158933-651485233-1001\...\MountPoints2: {37bc4751-806a-11e4-994f-74f06da41053} - F:\LenovoUsbDriver.exe
HKU\S-1-5-21-139781314-3124158933-651485233-1001\...\MountPoints2: {a260158f-e8d7-11e4-81b3-74f06da41053} - F:\INTEL\startspk.exe
HKU\S-1-5-21-139781314-3124158933-651485233-1001\...\MountPoints2: {a260165f-e8d7-11e4-81b3-74f06da41053} - G:\INTEL\startspk.exe
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-139781314-3124158933-651485233-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID= ... EF922F2AFE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID= ... EF922F2AFE
HKU\S-1-5-21-139781314-3124158933-651485233-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID= ... EF922F2AFE

R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X

C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-09-24 13:49 - 2015-09-24 13:49 - 00012311 _____ C:\Users\PC\Desktop\FRST.txt
2015-09-24 13:25 - 2015-09-24 13:47 - 00029696 _____ C:\Users\PC\AppData\Local\MSGBOX.EXE
2015-09-24 13:25 - 2015-09-24 13:25 - 00112640 _____ (forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher.exe
2015-09-24 13:11 - 2015-09-24 12:32 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-09-24 12:33 - 2015-09-24 13:12 - 00008926 _____ C:\zoek-results.log
2015-09-24 12:32 - 2015-09-24 13:12 - 00000000 ____D C:\zoek_backup
2015-09-24 11:21 - 2015-09-24 11:27 - 00000000 ____D C:\AdwCleaner
2015-09-24 10:40 - 2015-09-24 10:40 - 00000000 ____D C:\rsit
2015-09-24 10:40 - 2015-09-24 10:40 - 00000000 ____D C:\Program Files\trend micro

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SDTray => value not found.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon => key not found.
HKU\S-1-5-21-139781314-3124158933-651485233-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value removed successfully
HKU\S-1-5-21-139781314-3124158933-651485233-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully
"HKU\S-1-5-21-139781314-3124158933-651485233-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{37bc4751-806a-11e4-994f-74f06da41053}" => key removed successfully
HKCR\CLSID\{37bc4751-806a-11e4-994f-74f06da41053} => key not found.
"HKU\S-1-5-21-139781314-3124158933-651485233-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a260158f-e8d7-11e4-81b3-74f06da41053}" => key removed successfully
HKCR\CLSID\{a260158f-e8d7-11e4-81b3-74f06da41053} => key not found.
"HKU\S-1-5-21-139781314-3124158933-651485233-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a260165f-e8d7-11e4-81b3-74f06da41053}" => key removed successfully
HKCR\CLSID\{a260165f-e8d7-11e4-81b3-74f06da41053} => key not found.
hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKU\S-1-5-21-139781314-3124158933-651485233-1001\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-139781314-3124158933-651485233-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
SDScannerService => service not found.
SDUpdateService => service not found.
SDWSCService => service not found.
EagleX64 => service removed successfully
pccsmcfd => service removed successfully
xhunter1 => service removed successfully
C:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully
C:\Users\PC\Desktop\FRST.txt => moved successfully
C:\Users\PC\AppData\Local\MSGBOX.EXE => moved successfully
C:\Users\PC\Desktop\FRSTLauncher.exe => moved successfully
C:\Windows\zoek-delete.exe => moved successfully
C:\zoek-results.log => moved successfully
C:\zoek_backup => moved successfully
C:\AdwCleaner => moved successfully
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 180.3 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 10:22:15 ====

PS: Firefox is eating almost 600 MB of RAM, something is wrong there; when I open more tabs it gets stuck. It's not the internet connection, on a tablet and on another PC it runs fine... :(

Re: please check, my browser is freezing too

Posted: 30 Sep 2015 21:52
by vyosek
Sorry, this somehow slipped past me :oops: :oops: :oops:

Is it only Firefox that freezes, or all browsers :???:

Re: please check, my browser is freezing too

Posted: 30 Sep 2015 21:56
by trader
The problem will mainly be in Firefox....Explorer is currently fine.....
Ads pop up when I click on another link....DNS Unlocker pops up too

Reinstalling Firefox into a different directory did not help

Re: please check, my browser is freezing too

Posted: 30 Sep 2015 21:59
by vyosek
Uninstall Firefox, delete its profiles in C:\Users\PC\AppData\Roaming\Mozilla, reinstall it and report the status

Re: please check, my browser is freezing too

Posted: 30 Sep 2015 22:02
by trader
When Firefox is running, work on the PC sometimes freezes too, since Firefox is currently eating a large amount of RAM.

The directory C:\Users\PC\AppData\Roaming\Mozilla is not there .....


As I wrote above, reinstalling Firefox did not help. I also installed it into a different directory :/