cisteni notebooku

Zpráva

Hop · #1 Příspěvek od **Hop** » 29 pro 2015 22:29

Desktop.zip: (22 bajtů) Staženo 49 x

Dobry den, kamarad prosi o vysteni zpomaleneho notebooku.
Uz jsem aplikoval adwcleaner, log je v priloze. Posilam log FRST a prosim o kontrolu:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:29-12-2015
Ran by user (administrator) on TOMEK-LAPTOP (29-12-2015 22:19:28)
Running from C:\Documents and Settings\user\Desktop
Loaded Profiles: user (Available Profiles: user & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo) C:\WINDOWS\system32\ibmpmsvc.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Lenovo Group Limited) C:\WINDOWS\system32\IPSSVC.EXE
(Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Lenovo.) C:\WINDOWS\system32\TPHDEXLG.exe
(IBM) C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
() C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
(Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
() C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
(Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\System Update\SUService.exe
() C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
(Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Farbar) C:\Documents and Settings\user\Desktop\FRST 32.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ACWLIcon] => C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe [126976 2007-07-05] (Lenovo )
HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM\...\Run: [] => [X]
Winlogon\Notify\ACNotify: C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll [2007-07-05] (Lenovo )
Winlogon\Notify\psfus: C:\WINDOWS\system32\psqlpwd.dll [2007-03-15] (UPEK Inc.)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-3927641593-2416986369-1215300548-1006\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-12-08] (Piriform Ltd)
Lsa: [Notification Packages] ACGina psqlpwd scecli
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2013-08-30] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{3EAFEB42-A16B-4103-99BF-1C1A71DE396E}: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{63ED7FE6-631E-4811-B0FB-5D6A2815BD1C}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.live.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-3927641593-2416986369-1215300548-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=164
HKU\S-1-5-21-3927641593-2416986369-1215300548-1006\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM -> Default = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKU\S-1-5-21-3927641593-2416986369-1215300548-1006 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=LENIE
SearchScopes: HKU\S-1-5-21-3927641593-2416986369-1215300548-1006 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=LENIE
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30] (AVAST Software)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\ulkww3d0.default
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp:/index.jhtml?ptb=944CAE30-2BAD-475D-ADDE-0B85C4975536&n=780bfd79&p2=^XN^yyyyyy^YYA^cz
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll [2013-10-01] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-08-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-08-15] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-01] [not signed]
FF HKU\S-1-5-21-3927641593-2416986369-1215300548-1006\...\Firefox\Extensions: [{FCF36B88-1BBA-487f-B64B-D2E8980A9293}] - C:\Program Files\Lenovo\Client Security Solution\PWM Firefox Extension
FF Extension: ThinkVantage Password Manager - C:\Program Files\Lenovo\Client Security Solution\PWM Firefox Extension [2013-10-01] [not signed]

Chrome:
=======
CHR Profile: C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-31]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcPrfMgrSvc; C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [65536 2007-07-05] (Lenovo ) [File not signed]
R2 AcSvc; C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [184320 2007-07-05] (Lenovo ) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [647168 2007-04-16] (Intel Corporation) [File not signed]
S3 HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IPSSVC; C:\WINDOWS\system32\IPSSVC.EXE [108080 2007-01-30] (Lenovo Group Limited)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [235696 2015-12-02] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [45568 2011-04-13] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [55808 2011-04-13] (Hewlett-Packard) [File not signed]
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [327680 2007-04-16] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [983040 2007-04-16] (Intel Corporation ) [File not signed]
R2 SUService; c:\program files\lenovo\system update\suservice.exe [28672 2011-07-25] (Lenovo Group Limited) [File not signed]
R2 TSSCoreService; C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe [722232 2007-08-04] (IBM)
R2 TVT Backup Protection Service; C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [569344 2007-02-08] () [File not signed]
R2 TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [950272 2007-02-08] (Lenovo Group Limited) [File not signed]
R2 TVT Scheduler; c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [1122304 2008-03-04] (Lenovo Group Limited) [File not signed]
R2 tvtnetwk; C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe [45056 2007-02-08] () [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
S3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21393 2011-08-11] (Cisco Systems, Inc.)
R1 ANC; C:\WINDOWS\System32\drivers\ANC.SYS [11520 2005-11-08] (IBM Corp.) [File not signed]
R2 aswFsBlk; C:\WINDOWS\system32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\Drivers\AswRdr.sys [49760 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49376 2013-08-30] ()
R1 aswSnx; C:\WINDOWS\system32\Drivers\aswSnx.sys [770344 2013-08-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [177864 2013-08-30] ()
R3 atmeltpm; C:\WINDOWS\System32\DRIVERS\atmeltpm.sys [15872 2005-05-17] (Atmel, Inc.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-22] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-22] (Conexant Systems, Inc.)
R1 IBMTPCHK; C:\WINDOWS\system32\Drivers\IBMBLDID.sys [4224 2007-04-02] () [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NETw4x32; C:\WINDOWS\System32\DRIVERS\NETw4x32.sys [2206976 2007-04-30] (Intel Corporation)
R2 pmem; C:\WINDOWS\System32\drivers\pmemnt.sys [7012 2011-08-11] (Microsoft Corporation) [File not signed]
R2 PROCDD; C:\WINDOWS\System32\DRIVERS\PROCDD.SYS [12080 2006-11-06] (Lenovo Group Limited)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12416 2007-03-29] (Intel Corporation) [File not signed]
R2 smihlp; C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [11152 2007-03-15] (UPEK Inc.)
R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [9598080 2007-02-16] ()
R1 TPPWRIF; C:\WINDOWS\System32\drivers\Tppwrif.sys [4442 2007-12-06] () [File not signed]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 Sdbus; C:\Windows\System32\Drivers\Sdbus.sys [79232 2008-04-13] (Microsoft Corporation)
S3 TVTPktFilter; system32\DRIVERS\tvtpktfilter.sys [X]
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-29 22:19 - 2015-12-29 22:19 - 00014158 _____ C:\Documents and Settings\user\Desktop\FRST.txt
2015-12-29 22:19 - 2015-12-29 22:19 - 00000000 ____D C:\FRST
2015-12-29 22:19 - 2015-12-29 22:18 - 01721856 _____ (Farbar) C:\Documents and Settings\user\Desktop\FRST 32.exe
2015-12-29 22:15 - 2015-12-13 16:03 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\user\Desktop\FRSTLauncher.exe
2015-12-29 22:06 - 2015-12-29 22:09 - 00000000 ____D C:\Documents and Settings\user\Desktop\videa
2015-12-29 21:52 - 2015-12-29 21:53 - 00000000 ____D C:\AdwCleaner
2015-12-29 21:51 - 2015-12-13 15:45 - 01738240 _____ C:\Documents and Settings\user\Desktop\adwcleaner_5.024.exe
2015-12-29 21:37 - 2015-12-29 21:37 - 00000000 ____D C:\WINDOWS\pss
2015-12-29 21:13 - 2015-12-29 21:13 - 00000770 _____ C:\Documents and Settings\user\Desktop\FreeCommander XE.lnk
2015-12-29 21:13 - 2015-12-29 21:13 - 00000000 ____D C:\Program Files\FreeCommander XE
2015-12-29 21:13 - 2015-12-29 21:13 - 00000000 ____D C:\Documents and Settings\user\Local Settings\Application Data\FreeCommanderXE
2015-12-29 21:13 - 2015-12-29 21:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\FreeCommander XE
2015-12-29 21:11 - 2015-12-29 21:11 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-29 21:09 - 2015-12-29 21:09 - 00000689 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2015-12-29 21:09 - 2015-12-29 21:09 - 00000000 ____D C:\Program Files\CCleaner
2015-12-29 21:09 - 2015-12-29 21:09 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2015-12-29 20:55 - 2015-12-29 20:55 - 00001696 _____ C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2015-12-29 20:55 - 2015-12-29 20:55 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
2015-12-23 07:58 - 2015-12-25 10:42 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-12-20 14:20 - 2015-12-20 14:20 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-29 22:19 - 2013-10-01 17:17 - 00001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-29 22:19 - 2013-10-01 17:17 - 00000360 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-12-29 22:19 - 2013-10-01 16:52 - 00000000 ____D C:\Documents and Settings\user\Local Settings\Temp
2015-12-29 22:19 - 2006-04-29 17:57 - 00000000 ____D C:\WINDOWS
2015-12-29 22:17 - 2006-04-30 01:04 - 00526726 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-29 22:16 - 2014-08-14 20:39 - 00007680 _____ C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-29 22:16 - 2011-08-15 07:16 - 00000426 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{352F88C5-1543-4C71-83EC-EBC23C5832C2}.job
2015-12-29 22:14 - 2015-07-11 08:28 - 00000220 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-12-29 22:14 - 2013-10-01 17:17 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-29 22:14 - 2006-04-30 07:56 - 00002278 _____ C:\WINDOWS\system32\wpa.dbl
2015-12-29 22:13 - 2007-07-27 07:37 - 00025269 _____ C:\WINDOWS\system32\PROCDB.INI
2015-12-29 22:13 - 2007-07-27 07:37 - 00000380 _____ C:\WINDOWS\system32\IPSCtrl.INI
2015-12-29 22:13 - 2006-04-30 08:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-29 22:12 - 2013-10-01 16:52 - 00000178 ___SH C:\Documents and Settings\user\ntuser.ini
2015-12-29 22:12 - 2006-04-30 08:20 - 00032506 _____ C:\WINDOWS\SchedLgU.Txt
2015-12-29 22:05 - 2011-08-11 06:10 - 00000000 ____D C:\drivers end programs install
2015-12-29 21:25 - 2011-08-11 12:59 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-29 21:22 - 2011-08-11 06:21 - 00000316 _____ C:\WINDOWS\Tasks\PMTask.job
2015-12-29 21:11 - 2013-10-01 17:40 - 00796864 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-12-29 21:11 - 2013-10-01 17:40 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-12-29 21:09 - 2013-10-01 16:52 - 00000000 ____D C:\Documents and Settings\user\Local Settings\Application Data\Adobe
2015-12-29 20:55 - 2006-04-30 08:13 - 00002577 _____ C:\WINDOWS\system32\CONFIG.NT
2015-12-29 20:45 - 2015-08-16 23:27 - 00000374 _____ C:\WINDOWS\Tasks\At2.job
2015-12-29 20:08 - 2015-07-09 18:39 - 00065536 _____ C:\WINDOWS\system32\config\OAlerts.evt
2015-12-29 14:30 - 2015-08-16 23:27 - 00000374 _____ C:\WINDOWS\Tasks\At4.job
2015-12-29 10:15 - 2015-08-16 23:27 - 00000374 _____ C:\WINDOWS\Tasks\At1.job
2015-12-29 00:27 - 2015-08-16 23:27 - 00000374 _____ C:\WINDOWS\Tasks\At3.job
2015-12-28 16:58 - 2011-08-11 06:36 - 00000000 ____D C:\SWSHARE
2015-12-28 16:56 - 2013-10-01 17:08 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-12-25 10:36 - 2015-07-09 19:14 - 00002547 _____ C:\Documents and Settings\user\Desktop\Microsoft Word 2010.lnk
2015-12-20 14:20 - 2015-11-15 14:04 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-12-20 14:20 - 2015-07-12 13:27 - 00001819 _____ C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
2015-12-16 17:03 - 2013-10-01 16:52 - 00000000 ___RD C:\Documents and Settings\user\My Documents
2015-12-14 12:47 - 2006-04-30 01:20 - 00000000 __SHD C:\Documents and Settings\NetworkService
2015-12-14 12:47 - 2006-04-30 01:20 - 00000000 __SHD C:\Documents and Settings\LocalService
2015-12-12 17:03 - 2014-11-24 16:17 - 00000556 ____N C:\Documents and Settings\user\Desktop\Shortcut to Labels.lnk
2015-12-10 07:03 - 2011-08-11 12:35 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
2015-12-10 06:56 - 2015-07-11 02:18 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-10 06:50 - 2011-08-14 13:00 - 137798368 ____N (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-08 15:00 - 2015-07-11 08:28 - 00000214 ____N C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job

==================== Files in the root of some directories =======

2014-08-14 20:39 - 2015-12-29 22:16 - 0007680 _____ () C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-08-28 08:49 - 2011-08-28 08:49 - 0000000 ____N () C:\Documents and Settings\All Users\Application Data\Bass Reduction
2011-09-27 10:48 - 2013-10-01 16:29 - 0000000 ____H () C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
2011-08-28 08:41 - 2011-08-28 08:49 - 0000000 ____H () C:\Documents and Settings\All Users\Application Data\PKP_DLes.DAT
2011-08-28 08:41 - 2011-08-28 08:49 - 0000000 ____H () C:\Documents and Settings\All Users\Application Data\PKP_DLet.DAT
2011-08-28 08:41 - 2011-08-28 08:49 - 0000000 ____H () C:\Documents and Settings\All Users\Application Data\PKP_DLev.DAT

Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job

Some files in TEMP:
====================
C:\Documents and Settings\user\Local Settings\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

#2 Příspěvek od **Márty84** » 31 pro 2015 10:35

Zdravim

Log z ADWCleaneru jsem nenasel, takze preventivne...

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Spustte ho.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

Udelejte !!!kompletni!!! kontrolu s MBAM http://www.bleepingcomputer.com/downloa ... re/dl/241/ (musite stahnout verzi 1.75, odmitnout upgrade na novejsi verzi a aktualizovat jen virovou databazi) a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce. Navod zde http://forum.viry.cz/viewtopic.php?f=29&t=115222

20.2. pro neaktivitu

http://forum.viry.cz/viewtopic.php?f=12&t=123975

VIRY.CZ

cisteni notebooku

cisteni notebooku

Re: cisteni notebooku