kontrola logu

masterbill · Příspěvekod **masterbill** » 17 srp 2015 10:39

ahoj,
měl jsem v PC nějaký super prográmek "Great Find", který mi vyhazoval reklamy v prohlížeči - odinstaloval jsem ho přes funkce nyní dávám logy

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 9:36:30, on 17.8.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)

FIREFOX: 40.0 (x86 cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\GlassWire\GWIdlMon.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\ConMet\ConMet.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Users\Jindra\AppData\Local\Akamai\netsession_win.exe
C:\Users\Jindra\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\GlassWire\GlassWire.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe
C:\Users\Jindra\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
C:\Users\Jindra\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
C:\Users\Jindra\Desktop\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [RoccatIsku] "C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [ConMet] C:\Program Files (x86)\ConMet\ConMet.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Jindra\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Jindra\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [GlassWire] "C:\Program Files (x86)\GlassWire\glasswire.exe" -hide
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - Startup: Dropbox.lnk = Jindra\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Roccat Talk.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.aeriagames.com
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://irs.vodafone.cz/dana-cached/sc/ ... Client.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: GlassWire Control Service (GlassWire) - SecureMix LLC - C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: SACSrv - SafeNet, Inc. - C:\Program Files\SafeNet\Authentication\SAC\x64\SACSrv.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\SYSWOW64\VMNETDHCP.EXE
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\SYSWOW64\VMNAT.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.4.4\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16897 bytes

Reklama

masterbill · Příspěvekod **masterbill** » 17 srp 2015 10:40

ATF + TFC

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 17.8.2015
Čas skenování: 9:44
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.08.17.03
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Jindra

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 387928
Uplynulý čas: 31 min, 9 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
PUP.Optional.Hicosmea, HKU\S-1-5-21-2317624505-231285923-2312823853-1001_Classes\WOW6432NODE\CLSID\{33C53A50-F456-4884-B049-85FD643ECFED}, Do karantény, [6c7bd1386f1c62d410bf565da4609f61],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 2
PUP.Optional.Gomita.A, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\d17112b354f59637cb4c2f05575cc6fb, Do karantény, [ebfcc6438cff3ff77f9f85090cf9fa06],
PUP.Optional.Gomita.A, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\d17112b354f59637cb4c2f05575cc6fb\content, Do karantény, [ebfcc6438cff3ff77f9f85090cf9fa06],

Soubory: 7
PUP.Optional.GreatFind.A, C:\Users\Jindra\AppData\Roaming\RHEng\739199BD989143BB8DF92740225FCDD5\setup.exe, Do karantény, [19ce37d22a61280e9da2aadd867f58a8],
PUP.Optional.GreatFind.A, C:\Users\Jindra\AppData\Local\Temp\{E80A7895-D608-45F0-92AD-D46C9607339A}.dll, Do karantény, [d71056b3a7e4bb7bdd628ff8e42147b9],
PUP.Optional.GreatFind.A, C:\Users\Jindra\AppData\Local\Temp\{F4466011-2DEB-492B-98C0-B9B4E4B16EF4}.dll, Do karantény, [df08bc4d0b8078be023d3e49fc094cb4],
PUP.Optional.Gomita.A, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\d17112b354f59637cb4c2f05575cc6fb\install.rdf, Do karantény, [ebfcc6438cff3ff77f9f85090cf9fa06],
PUP.Optional.Gomita.A, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\d17112b354f59637cb4c2f05575cc6fb\chrome.manifest, Do karantény, [ebfcc6438cff3ff77f9f85090cf9fa06],
PUP.Optional.Gomita.A, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\d17112b354f59637cb4c2f05575cc6fb\content\load.js, Do karantény, [ebfcc6438cff3ff77f9f85090cf9fa06],
PUP.Optional.Gomita.A, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\d17112b354f59637cb4c2f05575cc6fb\content\overlay.xul, Do karantény, [ebfcc6438cff3ff77f9f85090cf9fa06],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

masterbill · Příspěvekod **masterbill** » 17 srp 2015 10:40

# AdwCleaner v5.000 - Logfile created 17/08/2015 at 10:32:16
# Updated 14/08/2015 by Xplode
# Database : 2015-08-16.2 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Jindra - RUBEŠOVI-PC
# Running from : C:\Users\Jindra\Desktop\adwcleaner_5.000.exe
# Option : Scan

***** [ Services ] *****

Service Found : swdumon

***** [ Folders ] *****

Folder Found : C:\Users\Jindra\AppData\Local\slimware utilities inc
Folder Found : C:\Users\Jindra\AppData\Roaming\RHEng

***** [ Files ] *****

File Found : C:\Users\Jindra\AppData\Roaming\Mozilla\Firefox\Profiles\52rbifuz.default\user.js
File Found : C:\Windows\Sysnative\drivers\swdumon.sys

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Key Found : HKCU\Software\SlimWare Utilities Inc
Key Found : HKLM\SOFTWARE\SlimWare Utilities Inc
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B0-0405-0000-0000000FF1CE}
Key Found : [x64] HKCU\Software\SlimWare Utilities Inc

***** [ Web browsers ] *****

*************************

C:\AdwCleaner[S8].txt - [1200 octets] - [17/08/2015 10:32:16]

########## EOF - C:\AdwCleaner[S8].txt - [1263 octets] ##########

masterbill · Příspěvekod **masterbill** » 17 srp 2015 10:58

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 7 Professional x64
Ran by Jindra on po 17.08.2015 at 10:50:21,61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Successfully deleted: [Service] swdumon [Reboot required]

~~~ Tasks
~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer

~~~ Files

Successfully deleted: [File] C:\Windows\system32\drivers\swdumon.sys

~~~ Folders

Successfully deleted: [Folder] C:\Users\Jindra\Appdata\Local\slimware utilities inc
Successfully deleted: [Folder] C:\users\Public\Documents\downloaded installers
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin

~~~ FireFox

Successfully deleted: [File] C:\Users\Jindra\AppData\Roaming\mozilla\firefox\profiles\52rbifuz.default\user.js

~~~ Chrome

Successfully deleted: [Folder] C:\Users\Jindra\Appdata\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod

[C:\Users\Jindra\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Jindra\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
bigefpfhnfcobdlfbedofhhaibnlghod

[C:\Users\Jindra\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Jindra\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
bigefpfhnfcobdlfbedofhhaibnlghod
]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 17.08.2015 at 10:56:51,29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Příspěvekod **Orcus** » 17 srp 2015 11:06

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Smazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

masterbill · Příspěvekod **masterbill** » 17 srp 2015 12:08

# AdwCleaner v5.000 - Logfile created 17/08/2015 at 11:15:20
# Updated 14/08/2015 by Xplode
# Database : 2015-08-16.2 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Jindra - RUBEŠOVI-PC
# Running from : C:\Users\Jindra\Desktop\adwcleaner_5.000.exe
# Option : Cleaning

***** [ Services ] *****
***** [ Folders ] *****

[-] Folder Deleted : C:\Users\Jindra\AppData\Local\slimware utilities inc
[-] Folder Deleted : C:\Users\Jindra\AppData\Roaming\RHEng

***** [ Files ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKCU\Software\SlimWare Utilities Inc
[-] Key Deleted : HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B0-0405-0000-0000000FF1CE}
[!] Key Not Deleted : [x64] HKCU\Software\SlimWare Utilities Inc

***** [ Web browsers ] *****
*************************
:: Proxy settings cleared
:: Winsock settings cleared
*************************
C:\AdwCleaner[C5].txt - [1161 octets] - [17/08/2015 11:15:20]
C:\AdwCleaner[S8].txt - [1336 octets] - [17/08/2015 10:32:16]
C:\AdwCleaner[S9].txt - [1223 octets] - [17/08/2015 11:11:50]
########## EOF - C:\AdwCleaner[C5].txt - [1350 octets] ##########

masterbill · Příspěvekod **masterbill** » 17 srp 2015 12:09

po ukončení se otevřelo toto okno v prohlížeči http://www.adlice.com/irp-hooks/

před ukončením se zeptat jestli může C:\Users\Jindra\AppData\Local\Temp\bootstrap.dmp nahrát na VirusTotal, tak jsem mu to povolil, ale nikde nevidím výsledek

RogueKiller V10.10.1.0 (x64) [Aug 17 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Jindra [Práva správce]
Started from : C:\Users\Jindra\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 08/17/2015 11:44:07

¤¤¤ Procesy : 1 ¤¤¤
[Proc.Injected] Dropbox.exe(2960) -- C:\Users\Jindra\AppData\Roaming\Dropbox\bin\Dropbox.exe[7] -> Zastaveno [TermProc]

¤¤¤ Registry : 7 ¤¤¤
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SWDUMon (system32\DRIVERS\SWDUMon.sys) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.3.0.1 10.1.0.20 ([(Private Address) (XX)][(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.3.0.1 10.1.0.20 ([(Private Address) (XX)][(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.3.0.1 10.1.0.20 ([(Private Address) (XX)][(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D63EE23B-4D1C-4955-8DE3-CF6EDD85BDD5} | DhcpNameServer : 10.3.0.1 10.1.0.20 ([(Private Address) (XX)][(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{D63EE23B-4D1C-4955-8DE3-CF6EDD85BDD5} | DhcpNameServer : 10.3.0.1 10.1.0.20 ([(Private Address) (XX)][(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{D63EE23B-4D1C-4955-8DE3-CF6EDD85BDD5} | DhcpNameServer : 10.3.0.1 10.1.0.20 ([(Private Address) (XX)][(Private Address) (XX)]) -> Nalezeno

¤¤¤ Úlohy : 1 ¤¤¤
[PUP] \AFC Secure Net Cleaner -- C:\Program Files (x86)\AFC Secure Net\amjob.exe -> Nalezeno

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 7 (Driver: Nahrán) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\vdrvroot.sys - IRP_MJ_CREATE[0] : Unknown @ 0x418cd61600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\vdrvroot.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x418cd61600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\vdrvroot.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x418cd61600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\vdrvroot.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x418cd61600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\vdrvroot.sys - IRP_MJ_POWER[22] : Unknown @ 0x418cd61600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\vdrvroot.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x418cd61600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\vdrvroot.sys - IRP_MJ_PNP[27] : Unknown @ 0x418cd61600000000

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDT725050VLA360 ATA Device +++++
--- User ---
[MBR] a513bc5a199fa0195aabbb0395d1f270
[BSP] 74f44c5fc2d341ad8264e60091552434 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476939 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

Příspěvekod **jaro3** » 17 srp 2015 16:31

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:

- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)

- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni antivir i firewall.
Stáhni
Zoek.exe

a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

masterbill · Příspěvekod **masterbill** » 17 srp 2015 17:50

RogueKiller V10.10.1.0 (x64) [Aug 17 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Jindra [Práva správce]
Started from : C:\Users\Jindra\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 08/17/2015 17:02:24

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 7 ¤¤¤
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SWDUMon (system32\DRIVERS\SWDUMon.sys) -> Smazáno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.3.0.1 10.1.0.20 ([(Private Address) (XX)][(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.3.0.1 10.1.0.20 ([(Private Address) (XX)][(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.3.0.1 10.1.0.20 ([(Private Address) (XX)][(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D63EE23B-4D1C-4955-8DE3-CF6EDD85BDD5} | DhcpNameServer : 10.3.0.1 10.1.0.20 ([(Private Address) (XX)][(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{D63EE23B-4D1C-4955-8DE3-CF6EDD85BDD5} | DhcpNameServer : 10.3.0.1 10.1.0.20 ([(Private Address) (XX)][(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{D63EE23B-4D1C-4955-8DE3-CF6EDD85BDD5} | DhcpNameServer : 10.3.0.1 10.1.0.20 ([(Private Address) (XX)][(Private Address) (XX)]) -> Nahrazeno ()

¤¤¤ Úlohy : 1 ¤¤¤
[PUP] \AFC Secure Net Cleaner -- C:\Program Files (x86)\AFC Secure Net\amjob.exe -> Smazáno

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhostSmazáno

¤¤¤ Antirootkit : 7 (Driver: Nahrán) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\vdrvroot.sys - IRP_MJ_CREATE[0] : Unknown @ 0x418cd61600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\vdrvroot.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x418cd61600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\vdrvroot.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x418cd61600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\vdrvroot.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x418cd61600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\vdrvroot.sys - IRP_MJ_POWER[22] : Unknown @ 0x418cd61600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\vdrvroot.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x418cd61600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\vdrvroot.sys - IRP_MJ_PNP[27] : Unknown @ 0x418cd61600000000

¤¤¤ Webové prohlížeče : 2 ¤¤¤
[FIREFX:Addon] 52rbifuz.default : Avast Online Security [wrc@avast.com] -> Smazáno
[FIREFX:Addon] 52rbifuz.default : Skype Click to Call [{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}] -> Smazáno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDT725050VLA360 ATA Device +++++
--- User ---
[MBR] a513bc5a199fa0195aabbb0395d1f270
[BSP] 74f44c5fc2d341ad8264e60091552434 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476939 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

masterbill · Příspěvekod **masterbill** » 17 srp 2015 17:50

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Jindra on po 17.08.2015 at 17:04:52,40.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jindra\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-03-23-192910.log 9997 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Evernote deleted successfully
C:\Users\Jindra\AppData\Roaming\The Complete Genealogy Reporter - FTB deleted successfully
C:\Users\Jindra\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Jindra\AppData\Local\EmieSiteList deleted successfully
C:\Users\Jindra\AppData\Local\EmieUserList deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Jindra\AppData\Roaming\Mozilla\Firefox\Profiles\52rbifuz.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");

Added to C:\Users\Jindra\AppData\Roaming\Mozilla\Firefox\Profiles\52rbifuz.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Jindra\AppData\Roaming\TomTom\HOME\Profiles\yxxhczt7.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\Jindra\AppData\Roaming\TomTom\HOME\Profiles\yxxhczt7.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Evernote not found
C:\PROGRA~3\Package Cache deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Jindra\AppData\Roaming\Mozilla\Firefox\Profiles\52rbifuz.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Jindra\AppData\Roaming\TomTom\HOME\Profiles\yxxhczt7.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [13.08.2015 06:53]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Jindra\AppData\Roaming\TomTom\HOME\Profiles\yxxhczt7.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.9.510.1234792@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Jindra\AppData\Roaming\Mozilla\Firefox\Profiles\52rbifuz.default
E37EAD09D28AE19D8A39B6A95F47513A - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll - Shockwave for Director / Shockwave for Director
EC55112EDB2CE5BC2BFCACDB9C2150F4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll - Shockwave Flash
65C1D9F74004E775F9A8598476ABE5EE - C:\Users\Jindra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
A523A2E4302AEB68B53F691A5C0DDE06 - C:\Users\Jindra\AppData\Local\MyComGames\npmycomdetector.dll - My.com Games Detector
54983CCB3A9AEEBC7E7A6EEB768F828E - C:\Users\Jindra\AppData\Roaming\Mozilla\plugins\npatgpc.dll - ActiveTouch General Plugin Container

==== Chromium Look ======================

Google Chrome Version: 44.0.2403.155

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[07.03.2015 09:45]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[01.05.2015 11:17]

Avast Online Security - Jindra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Skype Click to Call - Jindra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Docs - Jindra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake

==== Chromium Startpages ======================

C:\Users\Jindra\AppData\Local\Google\Chrome\User Data\Default\Preferences
*":{"fullscreen":1},"[*.]witcher.wikia.com,*":{"fullscreen":1},"[*.]worldoftanks.eu,*":{"fullscreen":1},"[*.]www.hrej.cz,*":{"fullscreen":1},"[*.]www.milujemeserialy.eu,*":{"fullscreen":1},"[*.]www.seberizeni.cz,*":{"fullscreen":1},"http://praha.idnes.cz:80,http://praha.idnes.cz:80":{"fullscreen":1},"http://prask.nova.cz:80,http://prask.nova.cz:80":{"fullscreen":1},"http://tn.nova.cz:80,http://tn.nova.cz:80":{"fullscreen":1},"http://www.playtvak.cz:80,http://www.playtvak.cz:80":{"fullscreen":1},"http://www.twitch.tv:80,http://www.twitch.tv:80":{"fullscreen":1},"https://[*.]owa.o2.cz:443,*":{"popups":1},"https://[*.]www.facebook.com:443,*":{"fullscreen":1},"https://[*.]www.youtube.com:443,*":{"fullscreen":1},"https://openload.io:443,http://stream-a-ams1xx2sfcdnvideo5269.cz:80":{"fullscreen":1},"https://owa.o2.cz:443,https://owa.o2.cz:443":{"ssl-cert-decisions":{"cert_exceptions_map":{"4294967094FZqL6OR6L92LE+ij7uwCFcSZ8hl/ZF3kseiBqzjAUq0=":1},"guid":"777A5222-6595-4E76-B0F9-7B182B73E886","version":1}}},"pref_version":1},"created_by_version":"41.0.2272.101","exit_type":"Normal","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Person 1","per_host_zoom_levels":{}},"protection":{"macs":{}},"savefile":{"default_directory":"C:\\Users\\Jindra\\Downloads"},"selectfile":{"last_directory":"C:\\Users\\Jindra\\Desktop\\jr"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13071612651879897"},"sync":{"memory_warning_count":667},"translate_accepted_count":{"en":0,"es":0,"pl":0,"sk":0},"translate_blocked_languages":[],"translate_denied_count":{"en":2},"translate_denied_count_for_language":{"en":2,"es":1,"pl":1,"sk":2},"translate_last_denied_time":1427224733186.658,"translate_last_denied_time_for_language":{"en":1438017571174.939,"es":1438608820208.138,"pl":1439754534183.45,"sk":1439408620314.945},"translate_site_blacklist":[],"translate_too_often_denied":true,"translate_too_often_denied_for_language":{"en":true,"sk":true},"translate_whitelists":{},"zerosuggest":{"cachedresults":""}}

C:\Users\Jindra\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences
{"account_tracker_service_last_update":"13084228305964008","browser":{"check_default_browser":true,"clear_lso_data_enabled":true,"last_known_google_url":"https://www.google.cz/","pepper_flash_settings_enabled":true,"window_placement":{"bottom":1050,"left":962,"maximized":true,"right":1930,"top":30,"work_area_bottom":1040,"work_area_left":0,"work_area_right":1920,"work_area_top":0}},"countryid_at_install":17242,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","903629"],"daily_original_length_via_data_reduction_proxy":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_original_length_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","903629"],"daily_received_length_https_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_long_bypass_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_short_bypass_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_unknown_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_via_data_reduction_proxy":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"last_update_date":"13084149600000000"},"default_apps_install_state":3,"dns_prefetching":{"host_referral_list":[2,["https://accounts.google.com/",["https://accounts.google.com/",2.2733802,"https://accounts.youtube.com/",2.2733802,"https://ssl.gstatic.com/",3.2643407999999994]]],"startup_list":[1,"http://r4---sn-bg52x-2gbe.gvt1.com/","http://redirector.gvt1.com/","https://accounts.google.com/","https://accounts.youtube.com/","https://clients1.google.com/","https://clients2.google.com/","https://clients2.googleusercontent.com/","https://ssl.gstatic.com/","https://www.google.com/","https://www.googleapis.com/"]},"download":{"directory_upgrade":true},"extensions":{"alerts":{"initialized":true},"autoupdate":{"next_check":"13084248036345008"},"chrome_url_overrides":{"bookmarks":["chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html"]},"install_signature":{"expire_date":"2015-11-08","ids":["aohghmighlieiainnegkcijnfilokake"],"invalid_ids":[],"salt":"GC9eiuTmfQr0ubMt9l5sQ91md3gD35wuD5iu4RRRSwQ=","signature":"Aqar6LUrC+5luScnMDiwuKHkRW0ixkPzbHs9/R0c+IgUAEYaogoo7pVPBj1BIe3wXYVDXH6pdEXKbKyv67Rv/y1I4BcUkZGF4vldkAI8+ylLeIht3G2kD0OXsdjd9S18SuSGOPJ60xZy9MPfU8VCmDGwx2DyxFeBkOa+xfqqwJjyCowJLmOghrPnyOWKELHQQ8VcnAEI9OUwNSBaS3M0d7t5z3WVyYyNVK3jEt8jDsGbl3WJ2BbumgmUQ53M59rtaPeZjoH+mbbXqLUWfLq7grfu4WLZ8qkRE2kFA8zTWPJx7Tn9aUeMph7urtVt9n+/yJSTxMUUpEwSSEmZuajJ/g==","signature_format_version":2,"timestamp":"13084228311262008"},"last_chrome_version":"44.0.2403.155"},"http_original_content_length":"903629","http_received_content_length":"903629","intl":{"accept_languages":"cs-CZ,cs"},"invalidator":{"client_id":"EL++ArDUF+IeTtYMOj8IoQ=="},"media":{"device_id_salt":"YXD5HTX9DuglQLau8dBi/w=="},"partition":{"per_host_zoom_levels":{"3155232537":{}}},"plugins":{"migrated_to_pepper_flash":true,"plugins_list":[],"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_bubble_tutorial_shown":2,"avatar_index":26,"content_settings":{"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{},"pref_version":1},"created_by_version":"44.0.2403.155","exit_type":"Normal","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Osoba 1","per_host_zoom_levels":{}},"protection":{"macs":{}},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13084228305570008"},"sync_promo":{"startup_count":1},"translate_blocked_languages":["cs"],"translate_whitelists":{}}
"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"7"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\7_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"31B91C9834A2D6536173084159CB505EBC66EDD385BFF2414D9A9B1B272D7376"},"default_search_provider":{"keyword":"2ECA13FF65A0B5F737A3F096BFD24EA36969E3F00C838DFB62FD2D7D746F567C","name":"943FE751781E70A64DB02BAF4CD580908365D3D4075D71712AF18574A6DD57A9","search_url":"4D0743B0D44DC3FD7C22A0BD26B242793399D1715710E92EDB6BFE02C39C252C"},"default_search_provider_data":{"template_url_data":"58752E9756A6AD11A38BBDC9D5E079345A149D332FC098E4AA86D8D5DC6B701E"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":"E3FDDFE81DEED15581A51E14612FD9179FF8E239131B0EFE84BCF36D44BDA7F4","aohghmighlieiainnegkcijnfilokake":"FE60DED188D12B157C75E356D43B6B203D96682427DF1EB367AC5715AFBF78ED","apdfllckaahabafndbhieahigkjlhalf":"7CBB9D9AF268DC2DC5831EDABF7F38CD41A15235C26EA94595C61025C1ABEEEB","bepbmhgboaologfdajaanbcjmnhjmhfn":"486F8B9F9AE6DE2C60C8F4096BFE577A5A05C07979C75E750E2C145FEB39DB1B","blpcfgokakmgnkcojhhkbfbldkacnbeo":"FCCBDF254DB2F52B70029DBBB5685500563B39D5499CB0B1B20B63A6D331E0B4","coobgpohoikkiipiblmjeljniedjpjpf":"559FD08E1496BF820419B33D0163367852F2C597C5EEF02E49E379A93A573D97","eemcgdkfndhakfknompkggombfjjjeno":"CDF842F8FD03D4407CFB527031D923A8C84EFEB5DC0236AD87C4BE6D419A0A12","ennkphjdgehloodpbhlhldgbnhmacadg":"2AEFE56737394940EBC3304C0F68E7D6607B080B7607CEF82B5F0467C6E18FFB","gfdkimpbcpahaombhbimeihdjnejgicl":"58C91513DE44CD437B09ADBB7FF84A4200891AB25D90BF54ADD655C75AD952FE","gomekmidlodglbbmalcneegieacbdmki":"AF6C16997D46335714D9A0B1A8AAA26318755CC7C4F9B6E87A01D282CFE173CF","kmendfapggjehodndflmmgagdbamhnfd":"54404BCA41EAEC0B86C71720ED4EABB750E61022D31C15C308B71E1BA4CAE458","mfehgcgbbipciphmccgaenjidiccnmng":"ED9C45B377468333F35413BEA4959D33DF7BD9D4156AAC1BBE7785C6C2ABED2C","mfffpogegjflfpflabcdkioaeobkgjik":"438326C911556089E736D38C09F9C272458C3B69B606E5755BC904F099C36348","mgndgikekgjfcpckkfioiadnlibdjbkf":"FA80FD6B244CE0F1D73B5A40F3725D9DBBBD06BDDE71D89B191A50BEECFA5194","mhjfbmdgcfjbbpaeojofohoefgiehjai":"EAE19D028527AAE0CEC9EE344B44EA3667212DB19001D0403075E10F6DE82EFB","neajdppkdcdipfabeoofebfddakdcjhd":"009DEF4DE4524CBEB1EAD80D72A20AFEAC961788AD691113251ADDFCDD69D501","nkeimhogjdpnpccoofpliimaahmaaome":"1214B56268954BF5866958D1B7BC5B01961C1A83901936CFB9F673F4F9FB60FE","nmmhkkegccagdldgiimedpiccmgmieda":"BC3E8A9E4FA44BAC49AB286D42E17E98EC141EC42030F53F32F51D6B9EBF270D","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"7E2330C3FA690C64850CD579C5F0C88024E09B82DB4A4F65244D091461DC506E","pjkljhegncpnkpknbcohdijeoejaedia":"2B2731D915E995B40F9572C9EAAAFA6D79B35159278690036DFA73D39A410516"}},"google":{"services":{"account_id":"43EF2AF57C01463B666A054785B733A5747BAB5A8B57B62255E07DA75B03F312","last_username":"8CEC895C5A2797AAD4B7D672322CA3B1777D29F041B0EB3C43AAF3E26B017302","username":"6C1C99C8FE69EEF24E4EB10B5ACBC7E7A31A803010B50F1340B5776E6F8C8179"}},"homepage":"1F49EF5824EB830143A4E25A4BAAD7A04DD74FAD47E99FC56EEB49355E5DEA78","homepage_is_newtabpage":"91BDFDB4E45BBDD820DC3D6D4098E4676C5D22C9BC83B069286FD43CC7B04155","pinned_tabs":"D4D536CF5081492D033602662ACA3A6AB8D0A0DBFC79ACBCBA97FF07BFFF9B37","prefs":{"preference_reset_time":"953EC57BAAF04DFA428861FE09D2E5687182A345D5983B14E87DD79BB0A153B9"},"profile":{"reset_prompt_memento":"D67925405404647C607749EE3669174AA3BF4CDE8C49D995DCE68EAA79B55199"},"safebrowsing":{"incidents_sent":"91292CC7A3F85B350DCD5F304E53F78477252546D563DE3687731F0F3B9EE645"},"search_provider_overrides":"D02A687A4D83EA0636DCF4B14219D9E4A2FDFE588433E4DB4E21AD772ABDC9D3","session":{"restore_on_startup":"454BE800095E0E666778F90E1FDCA79F694F18936087EC6668F09FA62233D4CD","startup_urls":"9752C9197C347D8178CFB1993CCC33EE89D78A3CFA0CA23625C604E1EE9B9EEF"},"software_reporter":{"prompt_reason":"93C85BC418698C21940890F2C1AD5E6C5F0977DED138DA317D2CA9F4A2640D92","prompt_seed":"53EA4A4E58BEB659B8A7DCD3128F17DA07A09EF2A0A39A124B779332521BD457","prompt_version":"BA39D4EED3F3A5C4172B57B3B861A10A8795F699404767402DC5DBDA6DB134F3"},"sync":{"remaining_rollback_tries":"570249353CE0F9082D12A629DB1F25C951F44FC7DBB28B061D391AF9A2386A31"}},"super_mac":"432D6849AA1B3F799F110ADC73E3176F3AB2EEFAD8EEE7907E31AD4FCA7C9E2F"}}

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Jindra\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Jindra\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Jindra\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\Jindra\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\Jindra\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Jindra\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Jindra\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Jindra\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\Jindra\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully
C:\Users\Jindra\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\Jindra\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jindra\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jindra\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Jindra\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Jindra\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Jindra\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=24 folders=23 14673654 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Jindra\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Jindra\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on po 17.08.2015 at 17:41:04,69 ======================

Příspěvekod **jaro3** » 17 srp 2015 19:04

Vlož nový log z HJT + informuj o problémech.

masterbill · Příspěvekod **masterbill** » 18 srp 2015 17:26

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 17:21:40, on 18.8.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)

FIREFOX: 40.0 (x86 cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\ConMet\ConMet.exe
C:\Users\Jindra\AppData\Local\Akamai\netsession_win.exe
C:\Users\Jindra\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\GlassWire\GlassWire.exe
C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe
C:\Users\Jindra\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
C:\Program Files (x86)\GlassWire\GWIdlMon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
C:\Users\Jindra\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
C:\Users\Jindra\Desktop\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [RoccatIsku] "C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [ConMet] C:\Program Files (x86)\ConMet\ConMet.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Jindra\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Jindra\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [GlassWire] "C:\Program Files (x86)\GlassWire\glasswire.exe" -hide
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - Startup: Dropbox.lnk = Jindra\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Roccat Talk.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.aeriagames.com
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://irs.vodafone.cz/dana-cached/sc/ ... Client.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: GlassWire Control Service (GlassWire) - SecureMix LLC - C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: SACSrv - SafeNet, Inc. - C:\Program Files\SafeNet\Authentication\SAC\x64\SACSrv.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\SYSWOW64\VMNETDHCP.EXE
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\SYSWOW64\VMNAT.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.4.4\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16924 bytes

Reklamy nevyskakují... ale objevil se problém při přesměrování přes platební brány na internetu, dneska jsem prováděl více plateb a jen v jednom případě bylo přesměrování úplně v pořádku upay.com - > mojebanka.cz (služba moje platba) dříve jsem tento problém nezaznamenal

kontrola logu

kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Kdo je online