Dobrý den,
nevím, zda je to problém softwarový nebo hardwarový, ale poslední dobou se počítač po zapnutí během chvíle sekne a po restartu chvíli trvá, než se znovu zapne. Systém jako kdyby nemohl naběhnout a počítač se asi 5x pořád dokola restartuje než se zapne. V nouzovém režimu se mi to zatím nestalo. Před časem se počítač párkrát z ničeho nic restartoval, pak ale fungoval normálně. Posílám log z HJT a prosím o kontrolu. Předem děkuji.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:27:25, on 11.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Safe mode with network support
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\KUTIL TEAM\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 6712 bytes
Prosím o kontrolu - samovolné restartování a sekání PC Vyřešeno
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu - samovolné restartování a sekání PC
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu - samovolné restartování a sekání PC
Používám pouze Chrome, takže jsem ATF Cleaner vynechal...
Posílám ty 2 logy:
# AdwCleaner v4.107 - Report created 15/01/2015 at 15:33:42
# Updated 07/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : KUTIL TEAM - KUTILTEAM-PC
# Running from : C:\Users\KUTIL TEAM\Desktop\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : globalUpdate
Service Found : globalUpdatem
***** [ Files / Folders ] *****
Folder Found : C:\Program Files\globalUpdate
Folder Found : C:\Program Files\Torntv V9.0
Folder Found : C:\Users\KUTIL TEAM\AppData\Local\globalUpdate
***** [ Scheduled Tasks ] *****
Task Found : globalUpdateUpdateTaskMachineCore
Task Found : globalUpdateUpdateTaskMachineUA
Task Found : b343e751-e84f-4eec-80c9-cfe0b4d2f58d-1
Task Found : b343e751-e84f-4eec-80c9-cfe0b4d2f58d-11
Task Found : b343e751-e84f-4eec-80c9-cfe0b4d2f58d-2
Task Found : b343e751-e84f-4eec-80c9-cfe0b4d2f58d-4
Task Found : b343e751-e84f-4eec-80c9-cfe0b4d2f58d-5
Task Found : b343e751-e84f-4eec-80c9-cfe0b4d2f58d-6
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0051390.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0051390.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0051390.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0051390.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555135590}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566136690}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Google Chrome v39.0.2171.95
-\\ Chromium v
*************************
AdwCleaner[R0].txt - [6670 octets] - [15/01/2015 15:33:42]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6730 octets] ##########
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 15.1.2015
Scan Time: 15:39:59
Logfile: log.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.01.15.09
Rootkit Database: v2015.01.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: KUTIL TEAM
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 295462
Time Elapsed: 5 min, 48 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 24
PUP.Optional.TornTV.A, HKLM\SOFTWARE\Torntv V9.0, , [6a4b04f3dcadf5413c8cd6dfc241df21],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0051390.BHO, , [2590ab4c7e0bc76f1841cac1a85b52ae],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0051390.BHO.1, , [05b00ee96b1e85b181d88407679c5ba5],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0051390.Sandbox, , [466fcf287415f1453722bfcc2cd7c13f],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0051390.Sandbox.1, , [83327c7b02873105f66314773ec509f7],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\GLOBALUPDATE\UPDATE, , [a1146592b4d57eb81ce8a8e5b251de22],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\3874, , [0baa30c7d4b58ea807c152553bc89b65],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, , [aa0b956292f786b07f62e903b94bcf31],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, , [6e4704f3c0c99c9ab62c6785a65e8779],
PUP.Optional.TornTV.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Torntv V9.0, , [6253a057553422148f06c7e7d92a0cf4],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-738888244-2907936422-869211564-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, , [7e370ee9bfcaac8ac58bb219966ebd43],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738888244-2907936422-869211564-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [952055a2b0d9f93d46e7de0022e27987],
PUP.Optional.TornTV.A, HKU\S-1-5-21-738888244-2907936422-869211564-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Torntv V9.0, , [00b566913752dc5a4a4bbaf427dc30d0],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738888244-2907936422-869211564-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\3874, , [ffb6a255afda1323dc0a83fd3fc4916f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738888244-2907936422-869211564-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\installdaddy, , [1d9834c37910e254ae3adfeb42c2d52b],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [aa0b0dea7b0ec86e8e5d391702010af6],
Registry Values: 1
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\GLOBALUPDATE\UPDATE|path, C:\Program Files\globalUpdate\Update\GoogleUpdate.exe, , [a1146592b4d57eb81ce8a8e5b251de22]
Registry Data: 0
(No malicious items detected)
Folders: 7
PUP.Optional.TornTV.A, C:\Program Files\Torntv V9.0, , [0fa6a057484134026180d0689a69fb05],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Download, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Install, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Offline, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Offline\{7980EB94-6A44-4C5D-BE30-65899902B658}, , [aa0b0dea7b0ec86e8e5d391702010af6],
Files: 26
PUP.Optional.CrossRider, C:\Program Files\Torntv V9.0\utils.exe, , [e3d2b245216870c615f0c6862fd101ff],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b343e751-e84f-4eec-80c9-cfe0b4d2f58d-1.job, , [c9ecd81f0a7f5ed8afce22c83cc8a060],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b343e751-e84f-4eec-80c9-cfe0b4d2f58d-11.job, , [d4e147b0afda44f286f7c22812f28d73],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b343e751-e84f-4eec-80c9-cfe0b4d2f58d-2.job, , [c4f12acd3a4f350193eaf0fab252bf41],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b343e751-e84f-4eec-80c9-cfe0b4d2f58d-4.job, , [6d48985f1277e94dd9a4ffeb64a00cf4],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b343e751-e84f-4eec-80c9-cfe0b4d2f58d-5.job, , [8d280becf792c86eed90f5f5d1331be5],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b343e751-e84f-4eec-80c9-cfe0b4d2f58d-6.job, , [189d33c4c6c38da9691406e410f4c43c],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, , [268f6790addc6ec8ace77179f50fbc44],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, , [7f36ac4b0c7d1422eaaa5a90fe0633cd],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, , [7c39a5525b2e50e6781d17d3ad577c84],
PUP.Optional.TornTV.A, C:\Program Files\Torntv V9.0\bgNova.html, , [0fa6a057484134026180d0689a69fb05],
PUP.Optional.TornTV.A, C:\Program Files\Torntv V9.0\1293297481.mxaddon, , [0fa6a057484134026180d0689a69fb05],
PUP.Optional.TornTV.A, C:\Program Files\Torntv V9.0\360-51390.crx, , [0fa6a057484134026180d0689a69fb05],
PUP.Optional.TornTV.A, C:\Program Files\Torntv V9.0\51390.xpi, , [0fa6a057484134026180d0689a69fb05],
PUP.Optional.TornTV.A, C:\Program Files\Torntv V9.0\b343e751-e84f-4eec-80c9-cfe0b4d2f58d.crx, , [0fa6a057484134026180d0689a69fb05],
PUP.Optional.TornTV.A, C:\Program Files\Torntv V9.0\background.html, , [0fa6a057484134026180d0689a69fb05],
PUP.Optional.TornTV.A, C:\Program Files\Torntv V9.0\Torntv V9.0.ico, , [0fa6a057484134026180d0689a69fb05],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\goopdate.dll, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\psuser.dll, , [aa0b0dea7b0ec86e8e5d391702010af6],
Physical Sectors: 0
(No malicious items detected)
(end)
Posílám ty 2 logy:
# AdwCleaner v4.107 - Report created 15/01/2015 at 15:33:42
# Updated 07/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : KUTIL TEAM - KUTILTEAM-PC
# Running from : C:\Users\KUTIL TEAM\Desktop\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : globalUpdate
Service Found : globalUpdatem
***** [ Files / Folders ] *****
Folder Found : C:\Program Files\globalUpdate
Folder Found : C:\Program Files\Torntv V9.0
Folder Found : C:\Users\KUTIL TEAM\AppData\Local\globalUpdate
***** [ Scheduled Tasks ] *****
Task Found : globalUpdateUpdateTaskMachineCore
Task Found : globalUpdateUpdateTaskMachineUA
Task Found : b343e751-e84f-4eec-80c9-cfe0b4d2f58d-1
Task Found : b343e751-e84f-4eec-80c9-cfe0b4d2f58d-11
Task Found : b343e751-e84f-4eec-80c9-cfe0b4d2f58d-2
Task Found : b343e751-e84f-4eec-80c9-cfe0b4d2f58d-4
Task Found : b343e751-e84f-4eec-80c9-cfe0b4d2f58d-5
Task Found : b343e751-e84f-4eec-80c9-cfe0b4d2f58d-6
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0051390.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0051390.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0051390.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0051390.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555135590}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566136690}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Google Chrome v39.0.2171.95
-\\ Chromium v
*************************
AdwCleaner[R0].txt - [6670 octets] - [15/01/2015 15:33:42]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6730 octets] ##########
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 15.1.2015
Scan Time: 15:39:59
Logfile: log.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.01.15.09
Rootkit Database: v2015.01.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: KUTIL TEAM
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 295462
Time Elapsed: 5 min, 48 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 24
PUP.Optional.TornTV.A, HKLM\SOFTWARE\Torntv V9.0, , [6a4b04f3dcadf5413c8cd6dfc241df21],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0051390.BHO, , [2590ab4c7e0bc76f1841cac1a85b52ae],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0051390.BHO.1, , [05b00ee96b1e85b181d88407679c5ba5],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0051390.Sandbox, , [466fcf287415f1453722bfcc2cd7c13f],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0051390.Sandbox.1, , [83327c7b02873105f66314773ec509f7],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\GLOBALUPDATE\UPDATE, , [a1146592b4d57eb81ce8a8e5b251de22],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\3874, , [0baa30c7d4b58ea807c152553bc89b65],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, , [aa0b956292f786b07f62e903b94bcf31],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, , [6e4704f3c0c99c9ab62c6785a65e8779],
PUP.Optional.TornTV.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Torntv V9.0, , [6253a057553422148f06c7e7d92a0cf4],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-738888244-2907936422-869211564-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, , [7e370ee9bfcaac8ac58bb219966ebd43],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738888244-2907936422-869211564-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [952055a2b0d9f93d46e7de0022e27987],
PUP.Optional.TornTV.A, HKU\S-1-5-21-738888244-2907936422-869211564-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Torntv V9.0, , [00b566913752dc5a4a4bbaf427dc30d0],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738888244-2907936422-869211564-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\3874, , [ffb6a255afda1323dc0a83fd3fc4916f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738888244-2907936422-869211564-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\installdaddy, , [1d9834c37910e254ae3adfeb42c2d52b],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [aa0b0dea7b0ec86e8e5d391702010af6],
Registry Values: 1
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\GLOBALUPDATE\UPDATE|path, C:\Program Files\globalUpdate\Update\GoogleUpdate.exe, , [a1146592b4d57eb81ce8a8e5b251de22]
Registry Data: 0
(No malicious items detected)
Folders: 7
PUP.Optional.TornTV.A, C:\Program Files\Torntv V9.0, , [0fa6a057484134026180d0689a69fb05],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Download, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Install, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Offline, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Offline\{7980EB94-6A44-4C5D-BE30-65899902B658}, , [aa0b0dea7b0ec86e8e5d391702010af6],
Files: 26
PUP.Optional.CrossRider, C:\Program Files\Torntv V9.0\utils.exe, , [e3d2b245216870c615f0c6862fd101ff],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b343e751-e84f-4eec-80c9-cfe0b4d2f58d-1.job, , [c9ecd81f0a7f5ed8afce22c83cc8a060],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b343e751-e84f-4eec-80c9-cfe0b4d2f58d-11.job, , [d4e147b0afda44f286f7c22812f28d73],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b343e751-e84f-4eec-80c9-cfe0b4d2f58d-2.job, , [c4f12acd3a4f350193eaf0fab252bf41],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b343e751-e84f-4eec-80c9-cfe0b4d2f58d-4.job, , [6d48985f1277e94dd9a4ffeb64a00cf4],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b343e751-e84f-4eec-80c9-cfe0b4d2f58d-5.job, , [8d280becf792c86eed90f5f5d1331be5],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b343e751-e84f-4eec-80c9-cfe0b4d2f58d-6.job, , [189d33c4c6c38da9691406e410f4c43c],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, , [268f6790addc6ec8ace77179f50fbc44],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, , [7f36ac4b0c7d1422eaaa5a90fe0633cd],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, , [7c39a5525b2e50e6781d17d3ad577c84],
PUP.Optional.TornTV.A, C:\Program Files\Torntv V9.0\bgNova.html, , [0fa6a057484134026180d0689a69fb05],
PUP.Optional.TornTV.A, C:\Program Files\Torntv V9.0\1293297481.mxaddon, , [0fa6a057484134026180d0689a69fb05],
PUP.Optional.TornTV.A, C:\Program Files\Torntv V9.0\360-51390.crx, , [0fa6a057484134026180d0689a69fb05],
PUP.Optional.TornTV.A, C:\Program Files\Torntv V9.0\51390.xpi, , [0fa6a057484134026180d0689a69fb05],
PUP.Optional.TornTV.A, C:\Program Files\Torntv V9.0\b343e751-e84f-4eec-80c9-cfe0b4d2f58d.crx, , [0fa6a057484134026180d0689a69fb05],
PUP.Optional.TornTV.A, C:\Program Files\Torntv V9.0\background.html, , [0fa6a057484134026180d0689a69fb05],
PUP.Optional.TornTV.A, C:\Program Files\Torntv V9.0\Torntv V9.0.ico, , [0fa6a057484134026180d0689a69fb05],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\goopdate.dll, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, , [aa0b0dea7b0ec86e8e5d391702010af6],
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\psuser.dll, , [aa0b0dea7b0ec86e8e5d391702010af6],
Physical Sectors: 0
(No malicious items detected)
(end)
-
Orcus
- člen Security týmu
-
Elite Level 10.5
- Příspěvky: 10645
- Registrován: duben 10
- Bydliště: Okolo rostou 3 růže =o)
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu - samovolné restartování a sekání PC
Znovu spusť MbAM a dej Skenovat nyní
Po proběhnutí programu se ti objeví hláška, tak klikni na „Vše do karantény“ -> „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a ulož na Plochu.
Zkopíruj sem celý obsah toho logu.
====================================================
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Smazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
====================================================
Stáhni si Junkware Removal Tool
na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
====================================================
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Po proběhnutí programu se ti objeví hláška, tak klikni na „Vše do karantény“ -> „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a ulož na Plochu.
Zkopíruj sem celý obsah toho logu.
====================================================
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Smazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
====================================================
Stáhni si Junkware Removal Tool
na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
====================================================
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Láska hřeje, ale uhlí je uhlí. 
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Re: Prosím o kontrolu - samovolné restartování a sekání PC
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 16.1.2015
Scan Time: 16:24:28
Logfile: log.txt
Administrator: Yes
Version: 0.00.0.0000
Malware Database: v2015.01.16.07
Rootkit Database: v2015.01.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: KUTIL TEAM
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 295416
Time Elapsed: 5 min, 39 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
# AdwCleaner v4.107 - Report created 16/01/2015 at 16:31:56
# Updated 07/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : KUTIL TEAM - KUTILTEAM-PC
# Running from : C:\Users\KUTIL TEAM\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Users\KUTIL TEAM\AppData\Local\globalUpdate
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555135590}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566136690}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Google Chrome v39.0.2171.95
-\\ Chromium v
*************************
AdwCleaner[R0].txt - [6810 octets] - [15/01/2015 15:33:42]
AdwCleaner[R1].txt - [5875 octets] - [16/01/2015 16:29:58]
AdwCleaner[S0].txt - [5936 octets] - [16/01/2015 16:31:56]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5996 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x86
Ran by KUTIL TEAM on p 16.01.2015 at 16:40:33,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440544134490}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440544134490}
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 16.01.2015 at 16:43:26,38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
RogueKiller V10.1.2.0 [Jan 7 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : KUTIL TEAM [Práva správce]
Mód : Prohledat -- Datum : 01/16/2015 16:55:15
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 2 ¤¤¤
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD321KJ ATA Device +++++
--- User ---
[MBR] 82d359542e1ebace398153cc14a8b868
[BSP] d206dce5be29dc56ff8c57d590839261 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 99998 MB
1 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 204796620 | Size: 205236 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: WD 1600BEV External USB Device +++++
--- User ---
[MBR] c812946038f9338dcc542ee3b9f8205a
[BSP] d0ec2211ba2260ee6d54a28c5292c11f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 152625 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
www.malwarebytes.org
Scan Date: 16.1.2015
Scan Time: 16:24:28
Logfile: log.txt
Administrator: Yes
Version: 0.00.0.0000
Malware Database: v2015.01.16.07
Rootkit Database: v2015.01.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: KUTIL TEAM
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 295416
Time Elapsed: 5 min, 39 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
# AdwCleaner v4.107 - Report created 16/01/2015 at 16:31:56
# Updated 07/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : KUTIL TEAM - KUTILTEAM-PC
# Running from : C:\Users\KUTIL TEAM\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Users\KUTIL TEAM\AppData\Local\globalUpdate
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555135590}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566136690}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Google Chrome v39.0.2171.95
-\\ Chromium v
*************************
AdwCleaner[R0].txt - [6810 octets] - [15/01/2015 15:33:42]
AdwCleaner[R1].txt - [5875 octets] - [16/01/2015 16:29:58]
AdwCleaner[S0].txt - [5936 octets] - [16/01/2015 16:31:56]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5996 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x86
Ran by KUTIL TEAM on p 16.01.2015 at 16:40:33,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440544134490}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440544134490}
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 16.01.2015 at 16:43:26,38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
RogueKiller V10.1.2.0 [Jan 7 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : KUTIL TEAM [Práva správce]
Mód : Prohledat -- Datum : 01/16/2015 16:55:15
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 2 ¤¤¤
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD321KJ ATA Device +++++
--- User ---
[MBR] 82d359542e1ebace398153cc14a8b868
[BSP] d206dce5be29dc56ff8c57d590839261 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 99998 MB
1 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 204796620 | Size: 205236 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: WD 1600BEV External USB Device +++++
--- User ---
[MBR] c812946038f9338dcc542ee3b9f8205a
[BSP] d0ec2211ba2260ee6d54a28c5292c11f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 152625 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu - samovolné restartování a sekání PC
Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)
- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller
Vypni antivir
Stáhni
Zoek.exe
a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:
klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)
- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller
Vypni antivir
Stáhni
Zoek.exe
a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:
Kód: Vybrat vše
autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts; klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu - samovolné restartování a sekání PC
RogueKiller V10.1.2.0 [Jan 7 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : KUTIL TEAM [Práva správce]
Mód : Smazat -- Datum : 01/16/2015 22:22:37
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 2 ¤¤¤
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 1 ¤¤¤
[IE:Addon] System : Google Toolbar [{2318C2B1-4965-11d4-9B18-009027A5CD4F}] -> Smazáno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD321KJ ATA Device +++++
--- User ---
[MBR] 82d359542e1ebace398153cc14a8b868
[BSP] d206dce5be29dc56ff8c57d590839261 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 99998 MB
1 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 204796620 | Size: 205236 MB
User = LL1 ... OK
User = LL2 ... OK
============================================
RKreport_SCN_01162015_165510.log - RKreport_SCN_01162015_222047.log
Druhý log posílám v příloze - obsahoval příliš mnoho znaků...
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : KUTIL TEAM [Práva správce]
Mód : Smazat -- Datum : 01/16/2015 22:22:37
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 2 ¤¤¤
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 1 ¤¤¤
[IE:Addon] System : Google Toolbar [{2318C2B1-4965-11d4-9B18-009027A5CD4F}] -> Smazáno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD321KJ ATA Device +++++
--- User ---
[MBR] 82d359542e1ebace398153cc14a8b868
[BSP] d206dce5be29dc56ff8c57d590839261 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 99998 MB
1 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 204796620 | Size: 205236 MB
User = LL1 ... OK
User = LL2 ... OK
============================================
RKreport_SCN_01162015_165510.log - RKreport_SCN_01162015_222047.log
Druhý log posílám v příloze - obsahoval příliš mnoho znaků...
- Přílohy
-
- Nový Dokument aplikace Microsoft Word.docx
- Zoek log
- (78.19 KiB) Staženo 27 x
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu - samovolné restartování a sekání PC
Vlož nový log z HJT + info o problémech.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu - samovolné restartování a sekání PC
V posledních dnech se žádný problém neobjevil, vše funguje jak má 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:29:38, on 17.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\explorer.exe
C:\Users\KUTIL TEAM\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 6215 bytes
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:29:38, on 17.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\explorer.exe
C:\Users\KUTIL TEAM\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 6215 bytes
-
Orcus
- člen Security týmu
-
Elite Level 10.5
- Příspěvky: 10645
- Registrován: duben 10
- Bydliště: Okolo rostou 3 růže =o)
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu - samovolné restartování a sekání PC
V HJT fixni:
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
====================================================
Stáhni si zde DelFix
http://general-changelog-team.fr/fr/dow ... e/9-delfix
ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore) .
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci.
Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem. Jinak je zpráva zde:
v C: \ DelFix.txt
Pokud nejsou problémy, je to vše a můžeš dát vyřešeno , zelenou fajfku.
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
====================================================
Stáhni si zde DelFix
http://general-changelog-team.fr/fr/dow ... e/9-delfix
ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore) .
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci.
Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem. Jinak je zpráva zde:
v C: \ DelFix.txt
Pokud nejsou problémy, je to vše a můžeš dát vyřešeno , zelenou fajfku.
Láska hřeje, ale uhlí je uhlí.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Re: Prosím o kontrolu - samovolné restartování a sekání PC Vyřešeno
# DelFix v10.8 - Logfile created 22/01/2015 at 23:42:41
# Updated 29/07/2014 by Xplode
# Username : KUTIL TEAM - KUTILTEAM-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
~ Removing disinfection tools ...
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\KUTIL TEAM\Desktop\AdwCleaner.exe
Deleted : C:\Users\KUTIL TEAM\Desktop\JRT.exe
Deleted : C:\Users\KUTIL TEAM\Desktop\RogueKiller.exe
Deleted : C:\Users\KUTIL TEAM\Desktop\Zoek log.txt
Deleted : C:\Users\KUTIL TEAM\Desktop\zoek.exe
Deleted : C:\Users\KUTIL TEAM\Downloads\HijackThis.exe
Deleted : C:\Users\KUTIL TEAM\Downloads\hijackthis.log
Deleted : C:\Users\KUTIL TEAM\Downloads\TFC.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
~ Cleaning system restore ...
Deleted : RP #104 [Installed SWAT 4. | 01/02/2015 11:08:27]
Deleted : RP #105 [Windows Update | 01/06/2015 08:45:55]
Deleted : RP #106 [Windows Update | 01/09/2015 15:38:38]
Deleted : RP #107 [Windows Update | 01/14/2015 22:16:40]
Deleted : RP #108 [Windows Update | 01/14/2015 22:19:26]
Deleted : RP #109 [zoek.exe restore point | 01/16/2015 21:27:36]
Deleted : RP #110 [Windows Update | 01/20/2015 08:21:11]
New restore point created !
########## - EOF - ##########
Žádné problémy nejsou. Mockrát děkuji za pomoc!
# Updated 29/07/2014 by Xplode
# Username : KUTIL TEAM - KUTILTEAM-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
~ Removing disinfection tools ...
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\KUTIL TEAM\Desktop\AdwCleaner.exe
Deleted : C:\Users\KUTIL TEAM\Desktop\JRT.exe
Deleted : C:\Users\KUTIL TEAM\Desktop\RogueKiller.exe
Deleted : C:\Users\KUTIL TEAM\Desktop\Zoek log.txt
Deleted : C:\Users\KUTIL TEAM\Desktop\zoek.exe
Deleted : C:\Users\KUTIL TEAM\Downloads\HijackThis.exe
Deleted : C:\Users\KUTIL TEAM\Downloads\hijackthis.log
Deleted : C:\Users\KUTIL TEAM\Downloads\TFC.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
~ Cleaning system restore ...
Deleted : RP #104 [Installed SWAT 4. | 01/02/2015 11:08:27]
Deleted : RP #105 [Windows Update | 01/06/2015 08:45:55]
Deleted : RP #106 [Windows Update | 01/09/2015 15:38:38]
Deleted : RP #107 [Windows Update | 01/14/2015 22:16:40]
Deleted : RP #108 [Windows Update | 01/14/2015 22:19:26]
Deleted : RP #109 [zoek.exe restore point | 01/16/2015 21:27:36]
Deleted : RP #110 [Windows Update | 01/20/2015 08:21:11]
New restore point created !
########## - EOF - ##########
Žádné problémy nejsou. Mockrát děkuji za pomoc!
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 92 hostů