Zdravím, prosím o kontrolu logu. Poslední týden se mi nevysvětlitelně rychle plní systémový disk C: a tím pádem se razantně zpomaluje chod celého systému. :(
Mám systémový oddíl 40gb a z toho normálně 10-12gb volných. Během týdne tam přibylo 10gb- nic jsem tam nestahoval, odpad po prohlížečích a systému pravidelně mažu CCleanerem. Předem díky za pomoc.
Předem hlásím, že tenhle řádek v HJT fixnout nejde.
O4 - HKLM\..\Run: [AvastUI.exe] "D:\Programy\AVAST Software\Avast\AvastUI.exe" /nogui
Pužívám jen chrome -AFT nedělám. Přikládám log HJT, MBaM, JRT a RogueKiller.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:49:09, on 6.4.2015
Platform: Windows 7 SP1 (WinNT )
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Dělo\AppData\Local\Akamai\netsession_win.exe
C:\Users\Dělo\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
D:\Programy\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Programy\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programy\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [AvastUI.exe] "D:\Programy\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Dělo\AppData\Local\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programy\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\Programy\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Connectify - Unknown owner - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel Local License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MiRalinkRegistryWriter - Mediatek Inc. - C:\Program Files (x86)\XiaoMi\MiWiFi\RaRegistry.exe
O23 - Service: MiRalinkRegistryWriter64 - Mediatek Inc. - C:\Program Files (x86)\XiaoMi\MiWiFi\RaRegistry64.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\Programy\VMWare\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VNC Server (vncserver) - RealVNC Ltd - D:\Programy\RealVNC\VNC Server\vncservice.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 9248 bytes
____________________________________________________________________________________________________________________________________
# AdwCleaner v4.200 - Log vytvooen 06/04/2015 v 11:07:33
# Aktualizováno 29/03/2015 by Xplode
# Databáze : 2015-03-29.1 [Server]
# Operaení system : Windows 7 Ultimate (x64)
# Uživatelské jméno : Dělo - DĚLO-PC
# Spuštino z : C:\Users\Dělo\Desktop\Servis PC\adwcleaner_4.200.exe
# Nastavení : Sken
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
Složka Nalezeno : C:\Users\Dělo\AppData\Roaming\Uniblue
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
Data Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
***** [ Prohlížeee ] *****
-\\ Internet Explorer v11.00.9600.17689
-\\ Mozilla Firefox v
-\\ Google Chrome v41.0.2272.118
*************************
AdwCleaner[R3].txt - [1183 bytu] - [04/04/2015 21:42:51]
AdwCleaner[R4].txt - [1056 bytu] - [06/04/2015 11:05:47]
AdwCleaner[R5].txt - [922 bytu] - [06/04/2015 11:07:33]
AdwCleaner[S1].txt - [1154 bytu] - [04/04/2015 21:44:48]
########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [1037 bytu] ##########
____________________________________________________________________________________________________________________________________
Malwarebytes Anti-Malware
http://www.malwarebytes.org
Datum skenování: 6.4.2015
Čas skenování: 11:10:38
Protokol: mbam.txt
Správce: Ano
Verze: 2.00.4.1028
Databáze malwaru: v2015.04.06.03
Databáze rootkitů: v2015.03.31.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto
OS: Windows 7
CPU: x64
Souborový systém: NTFS
Uživatel: DÄ?lo
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 373126
Uplynulý čas: 14 min, 29 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Zapnuto
Procesy: 0
(Žádné zákerné zjištěny položek)
Moduly: 0
(Žádné zákerné zjištěny položek)
Klíče registru: 0
(Žádné zákerné zjištěny položek)
Hodnoty registru: 0
(Žádné zákerné zjištěny položek)
Data registru: 0
(Žádné zákerné zjištěny položek)
Složky: 0
(Žádné zákerné zjištěny položek)
Soubory: 0
(Žádné zákerné zjištěny položek)
Fyzické sektory: 0
(Žádné zákerné zjištěny položek)
(end)
Prosím kontrolu logu Vyřešeno
Prosím kontrolu logu
Naposledy upravil(a) Slegr dne 06 dub 2015 12:00, celkem upraveno 2 x.
Re: Prosím kontrolu logu
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.2 (04.06.2015:1)
OS: Windows 7 Ultimate x64
Ran by DŘlo on po 06.04.2015 at 11:30:45,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 06.04.2015 at 11:36:09,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
____________________________________________________________________________________________________________________________________
RogueKiller V10.5.8.0 (x64) [Mar 30 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7600 ) 64 bits version
Spuštěno : Normální režim
Uživatel : Dělo [Práva správce]
Started from : C:\Users\Dělo\Desktop\Servis PC\RogueKillerX64.exe
Mód : Prohledat -- Datum : 04/06/2015 11:43:21
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 19 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2BDBCD78-6DF8-4867-AB27-D8D227EFA91C} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{502F794F-642D-407A-9AF6-29F1B810D653} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{57A72608-6C96-469E-8BEE-5FD70F49DFB3} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{895F2B2A-9E2A-4B23-A2C4-7C3A7CD3A157} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{2BDBCD78-6DF8-4867-AB27-D8D227EFA91C} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{502F794F-642D-407A-9AF6-29F1B810D653} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{57A72608-6C96-469E-8BEE-5FD70F49DFB3} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{895F2B2A-9E2A-4B23-A2C4-7C3A7CD3A157} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{2BDBCD78-6DF8-4867-AB27-D8D227EFA91C} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{502F794F-642D-407A-9AF6-29F1B810D653} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{57A72608-6C96-469E-8BEE-5FD70F49DFB3} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{895F2B2A-9E2A-4B23-A2C4-7C3A7CD3A157} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3079359388-649288228-4257928273-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3079359388-649288228-4257928273-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3079359388-649288228-4257928273-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3079359388-649288228-4257928273-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST950032 5AS SCSI Disk Device +++++
--- User ---
[MBR] d727cf2b27853eba0ff365bf46699560
[BSP] a2d1ef3994f446a86f5cb85e12310062 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 39900 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 81922048 | Size: 436937 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Nesprávná funkce. )
+++++ PhysicalDrive1: +++++
--- User ---
[MBR] 441ebdece83beb5773a7931c90869dc8
[BSP] c332311bfcfda0c7dbfe9955936f43d1 : Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0xb) [VISIBLE] Offset (sectors): 135 | Size: 1884 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
============================================
RKreport_DEL_01282015_200146.log - RKreport_SCN_01282015_120411.log - RKreport_SCN_01282015_200024.log
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.2 (04.06.2015:1)
OS: Windows 7 Ultimate x64
Ran by DŘlo on po 06.04.2015 at 11:30:45,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 06.04.2015 at 11:36:09,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
____________________________________________________________________________________________________________________________________
RogueKiller V10.5.8.0 (x64) [Mar 30 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7600 ) 64 bits version
Spuštěno : Normální režim
Uživatel : Dělo [Práva správce]
Started from : C:\Users\Dělo\Desktop\Servis PC\RogueKillerX64.exe
Mód : Prohledat -- Datum : 04/06/2015 11:43:21
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 19 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2BDBCD78-6DF8-4867-AB27-D8D227EFA91C} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{502F794F-642D-407A-9AF6-29F1B810D653} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{57A72608-6C96-469E-8BEE-5FD70F49DFB3} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{895F2B2A-9E2A-4B23-A2C4-7C3A7CD3A157} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{2BDBCD78-6DF8-4867-AB27-D8D227EFA91C} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{502F794F-642D-407A-9AF6-29F1B810D653} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{57A72608-6C96-469E-8BEE-5FD70F49DFB3} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{895F2B2A-9E2A-4B23-A2C4-7C3A7CD3A157} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{2BDBCD78-6DF8-4867-AB27-D8D227EFA91C} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{502F794F-642D-407A-9AF6-29F1B810D653} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{57A72608-6C96-469E-8BEE-5FD70F49DFB3} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{895F2B2A-9E2A-4B23-A2C4-7C3A7CD3A157} | DhcpNameServer : 10.0.0.138 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3079359388-649288228-4257928273-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3079359388-649288228-4257928273-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3079359388-649288228-4257928273-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3079359388-649288228-4257928273-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST950032 5AS SCSI Disk Device +++++
--- User ---
[MBR] d727cf2b27853eba0ff365bf46699560
[BSP] a2d1ef3994f446a86f5cb85e12310062 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 39900 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 81922048 | Size: 436937 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Nesprávná funkce. )
+++++ PhysicalDrive1: +++++
--- User ---
[MBR] 441ebdece83beb5773a7931c90869dc8
[BSP] c332311bfcfda0c7dbfe9955936f43d1 : Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0xb) [VISIBLE] Offset (sectors): 135 | Size: 1884 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
============================================
RKreport_DEL_01282015_200146.log - RKreport_SCN_01282015_120411.log - RKreport_SCN_01282015_200024.log
Re: Prosím kontrolu logu
Ahoj! :)
Tve logy vypadaji relativne v poradku.
Narust mista muze byt zpusoben systemovymi soubory jako body obnovy - zkus je promazat.
Tve logy vypadaji relativne v poradku.
Narust mista muze byt zpusoben systemovymi soubory jako body obnovy - zkus je promazat.
-
jerabina
- člen Security týmu
-
Level 6
- Příspěvky: 3647
- Registrován: březen 13
- Bydliště: Litoměřice
- Pohlaví:
- Stav:
Offline
Re: Prosím kontrolu logu
Ahoj, tvoje logy relativně v pořádku, jak již psal kolega, ale když už jsi zde, tak to dočistíme :)
Místo na disku většinou zabírají body obnovy, postupujte podle následujícího návodu:
Klikni na Start
Klikni pravým na Počítač a dej Vlastnosti
Klikni na Ochrana systému
V poli Nastavení ochrany klikni na Konfigurovat
Maximální využití si dej na 5%, to by mělo bohatě postačovat.
Klikni na Použít a následně na OK
====================================================
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na ,,Sken" a následně „ Smazat“, resp. nesmyslné slovo vedle skenu.
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
====================================================
Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka).
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva" a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller
====================================================
Stáhni
Zoek.exe
a ulož si ho na plochu.
Zavři všechny ostatní programy, okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor, náběh programu může trvat déle.
Do okna programu vlož tento skript:
Klikni na Run Script
Program provede sken, opravu, sken i oprava může trvat i více minut, je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů, jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.
====================================================
Co problémy? + nový log z HJT
Místo na disku většinou zabírají body obnovy, postupujte podle následujícího návodu:
Klikni na Start
Klikni pravým na Počítač a dej Vlastnosti
Klikni na Ochrana systému
V poli Nastavení ochrany klikni na Konfigurovat
Maximální využití si dej na 5%, to by mělo bohatě postačovat.
Klikni na Použít a následně na OK
====================================================
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na ,,Sken" a následně „ Smazat“, resp. nesmyslné slovo vedle skenu.
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
====================================================
Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka).
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva" a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller
====================================================
Stáhni
Zoek.exe
a ulož si ho na plochu.
Zavři všechny ostatní programy, okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor, náběh programu může trvat déle.
Do okna programu vlož tento skript:
Kód: Vybrat vše
autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;Klikni na Run Script
Program provede sken, opravu, sken i oprava může trvat i více minut, je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů, jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.
====================================================
Co problémy? + nový log z HJT
Když nevíš jak dál, přichází na řadu prostudovat manuál!
HJT návod
Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
HJT návod
Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
Re: Prosím kontrolu logu
Jakým způsobem promazat tyto body obnovy aby mi třeba zůstal aspoň jeden systémový aktuální? Nemyslím si, že by to bylo tím. Za roky co tenhle noťák mám, tak se mi to nestalo a žádné nastavení jsem poslední dobou neměnil.
Jinak to maximální využití bylo nastaveno na 2%.
Mám 2gb volného místa na systémovém disku a není odtud co přesunout, takže noťas jede jako šnek.
# AdwCleaner v4.200 - Log vytvooen 06/04/2015 v 14:14:32
# Aktualizováno 29/03/2015 by Xplode
# Databáze : 2015-03-29.1 [Server]
# Operaení system : Windows 7 Ultimate (x64)
# Uživatelské jméno : Dělo - DĚLO-PC
# Spuštino z : C:\Users\Dělo\Desktop\Servis PC\adwcleaner_4.200.exe
# Nastavení : Eištiní
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
[!] Složka Smazáno : C:\Users\Dělo\AppData\Roaming\Uniblue
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
***** [ Prohlížeee ] *****
-\\ Internet Explorer v8.0.7600.16385
-\\ Mozilla Firefox v
-\\ Google Chrome v41.0.2272.118
*************************
AdwCleaner[R3].txt - [1183 bytu] - [04/04/2015 21:42:51]
AdwCleaner[R4].txt - [1056 bytu] - [06/04/2015 11:05:47]
AdwCleaner[R5].txt - [1115 bytu] - [06/04/2015 11:07:33]
AdwCleaner[R6].txt - [1173 bytu] - [06/04/2015 14:12:51]
AdwCleaner[S1].txt - [1154 bytu] - [04/04/2015 21:44:48]
AdwCleaner[S2].txt - [1101 bytu] - [06/04/2015 14:14:32]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1159 bytu] ##########
__________________________________________________________________________________________________________________________
RogueKiller V10.5.8.0 (x64) [Mar 30 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7600 ) 64 bits version
Spuštěno : Normální režim
Uživatel : Dělo [Práva správce]
Started from : C:\Users\Dělo\Desktop\Servis PC\RogueKillerX64.exe
Mód : Smazat -- Datum : 04/06/2015 14:26:19
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 19 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2BDBCD78-6DF8-4867-AB27-D8D227EFA91C} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{502F794F-642D-407A-9AF6-29F1B810D653} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{57A72608-6C96-469E-8BEE-5FD70F49DFB3} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{895F2B2A-9E2A-4B23-A2C4-7C3A7CD3A157} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{2BDBCD78-6DF8-4867-AB27-D8D227EFA91C} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{502F794F-642D-407A-9AF6-29F1B810D653} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{57A72608-6C96-469E-8BEE-5FD70F49DFB3} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{895F2B2A-9E2A-4B23-A2C4-7C3A7CD3A157} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{2BDBCD78-6DF8-4867-AB27-D8D227EFA91C} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{502F794F-642D-407A-9AF6-29F1B810D653} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{57A72608-6C96-469E-8BEE-5FD70F49DFB3} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{895F2B2A-9E2A-4B23-A2C4-7C3A7CD3A157} | DhcpNameServer : -> Nahrazeno ()
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3079359388-649288228-4257928273-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 0 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3079359388-649288228-4257928273-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 0 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3079359388-649288228-4257928273-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 0 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3079359388-649288228-4257928273-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 0 -> Nahrazeno (0)
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> Smazáno
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost -> Smazáno
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST950032 5AS SCSI Disk Device +++++
--- User ---
[MBR] d727cf2b27853eba0ff365bf46699560
[BSP] a2d1ef3994f446a86f5cb85e12310062 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 39900 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 81922048 | Size: 436937 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Nesprávná funkce. )
+++++ PhysicalDrive1: +++++
--- User ---
[MBR] 441ebdece83beb5773a7931c90869dc8
[BSP] c332311bfcfda0c7dbfe9955936f43d1 : Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0xb) [VISIBLE] Offset (sectors): 135 | Size: 1884 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
============================================
RKreport_DEL_01282015_200146.log - RKreport_SCN_01282015_120411.log - RKreport_SCN_01282015_200024.log - RKreport_SCN_04062015_114321.log
RKreport_SCN_04062015_142438.log - RKreport_DEL_04062015_142600.log
__________________________________________________________________________________________________________________________
Zoek.exe v5.0.0.0 Updated 02-April-2015
Tool run by DŘlo on po 06.04.2015 at 14:45:04,64.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\DLO~1\Desktop\Servis PC\zoek (1).exe [Scan all users] [Script inserted]
==== System Restore Info ======================
6.4.2015 14:46:06 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~3\Mediatek deleted successfully
C:\Users\Public\AppData\\Local deleted successfully
C:\Users\DLO~1\AppData\Local\CrashDumps deleted successfully
C:\Users\DLO~1\AppData\Local\RealVNC deleted successfully
C:\Users\DLO~1\AppData\Local\VMware deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\DLO~1\AppData\Roaming\Mozilla\Firefox\Profiles\t6z2i8kw.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
Added to C:\Users\DLO~1\AppData\Roaming\Mozilla\Firefox\Profiles\t6z2i8kw.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~3\Package Cache deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\DLO~1\AppData\Roaming\Mozilla\Firefox\Profiles\t6z2i8kw.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="D:\Programy\AVAST Software\Avast\WebRep\FF" [28.01.2015 09:53]
==== Firefox Extensions ======================
ProfilePath: C:\Users\DLO~1\AppData\Roaming\Mozilla\Firefox\Profiles\t6z2i8kw.default
- Undetermined - C:\Users\Dělo\AppData\Roaming\Mozilla\Firefox\Profiles\t6z2i8kw.default\extensions\foxyproxy@eric.h.jung
- FoxyProxy Basic - %ProfilePath%\extensions\foxyproxy@eric.h.jung
- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
- My-Translator - %ProfilePath%\extensions\My-Translator@eugenche.com.xpi
- Super Hide IP - %ProfilePath%\extensions\support@super-hide-ip.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
==== Firefox Plugins ======================
==== Chromium Look ======================
Google Chrome Version: 41.0.2272.118 (Latest Stable version: 41.0.2272.118)
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - D:\Programy\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[13.01.2015 16:44]
Avast Online Security - DLO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
==== Chromium Startpages ======================
C:\Users\DLO~1\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "https://www.seznam.cz/",
"startup_urls": [ "https://www.seznam.cz/" ]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Users\DLO~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\DLO~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\DLO~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\DLO~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\DLO~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\DLO~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=77 folders=37 175873332 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\DLO~1\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\DLO~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\DLO~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
==== EOF on po 06.04.2015 at 16:36:44,73 ======================
Jinak to maximální využití bylo nastaveno na 2%.
Mám 2gb volného místa na systémovém disku a není odtud co přesunout, takže noťas jede jako šnek.
# AdwCleaner v4.200 - Log vytvooen 06/04/2015 v 14:14:32
# Aktualizováno 29/03/2015 by Xplode
# Databáze : 2015-03-29.1 [Server]
# Operaení system : Windows 7 Ultimate (x64)
# Uživatelské jméno : Dělo - DĚLO-PC
# Spuštino z : C:\Users\Dělo\Desktop\Servis PC\adwcleaner_4.200.exe
# Nastavení : Eištiní
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
[!] Složka Smazáno : C:\Users\Dělo\AppData\Roaming\Uniblue
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
***** [ Prohlížeee ] *****
-\\ Internet Explorer v8.0.7600.16385
-\\ Mozilla Firefox v
-\\ Google Chrome v41.0.2272.118
*************************
AdwCleaner[R3].txt - [1183 bytu] - [04/04/2015 21:42:51]
AdwCleaner[R4].txt - [1056 bytu] - [06/04/2015 11:05:47]
AdwCleaner[R5].txt - [1115 bytu] - [06/04/2015 11:07:33]
AdwCleaner[R6].txt - [1173 bytu] - [06/04/2015 14:12:51]
AdwCleaner[S1].txt - [1154 bytu] - [04/04/2015 21:44:48]
AdwCleaner[S2].txt - [1101 bytu] - [06/04/2015 14:14:32]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1159 bytu] ##########
__________________________________________________________________________________________________________________________
RogueKiller V10.5.8.0 (x64) [Mar 30 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7600 ) 64 bits version
Spuštěno : Normální režim
Uživatel : Dělo [Práva správce]
Started from : C:\Users\Dělo\Desktop\Servis PC\RogueKillerX64.exe
Mód : Smazat -- Datum : 04/06/2015 14:26:19
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 19 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2BDBCD78-6DF8-4867-AB27-D8D227EFA91C} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{502F794F-642D-407A-9AF6-29F1B810D653} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{57A72608-6C96-469E-8BEE-5FD70F49DFB3} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{895F2B2A-9E2A-4B23-A2C4-7C3A7CD3A157} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{2BDBCD78-6DF8-4867-AB27-D8D227EFA91C} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{502F794F-642D-407A-9AF6-29F1B810D653} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{57A72608-6C96-469E-8BEE-5FD70F49DFB3} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{895F2B2A-9E2A-4B23-A2C4-7C3A7CD3A157} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{2BDBCD78-6DF8-4867-AB27-D8D227EFA91C} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{502F794F-642D-407A-9AF6-29F1B810D653} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{57A72608-6C96-469E-8BEE-5FD70F49DFB3} | DhcpNameServer : -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{895F2B2A-9E2A-4B23-A2C4-7C3A7CD3A157} | DhcpNameServer : -> Nahrazeno ()
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3079359388-649288228-4257928273-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 0 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3079359388-649288228-4257928273-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 0 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3079359388-649288228-4257928273-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 0 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3079359388-649288228-4257928273-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 0 -> Nahrazeno (0)
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> Smazáno
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost -> Smazáno
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST950032 5AS SCSI Disk Device +++++
--- User ---
[MBR] d727cf2b27853eba0ff365bf46699560
[BSP] a2d1ef3994f446a86f5cb85e12310062 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 39900 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 81922048 | Size: 436937 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Nesprávná funkce. )
+++++ PhysicalDrive1: +++++
--- User ---
[MBR] 441ebdece83beb5773a7931c90869dc8
[BSP] c332311bfcfda0c7dbfe9955936f43d1 : Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0xb) [VISIBLE] Offset (sectors): 135 | Size: 1884 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
============================================
RKreport_DEL_01282015_200146.log - RKreport_SCN_01282015_120411.log - RKreport_SCN_01282015_200024.log - RKreport_SCN_04062015_114321.log
RKreport_SCN_04062015_142438.log - RKreport_DEL_04062015_142600.log
__________________________________________________________________________________________________________________________
Zoek.exe v5.0.0.0 Updated 02-April-2015
Tool run by DŘlo on po 06.04.2015 at 14:45:04,64.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\DLO~1\Desktop\Servis PC\zoek (1).exe [Scan all users] [Script inserted]
==== System Restore Info ======================
6.4.2015 14:46:06 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~3\Mediatek deleted successfully
C:\Users\Public\AppData\\Local deleted successfully
C:\Users\DLO~1\AppData\Local\CrashDumps deleted successfully
C:\Users\DLO~1\AppData\Local\RealVNC deleted successfully
C:\Users\DLO~1\AppData\Local\VMware deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\DLO~1\AppData\Roaming\Mozilla\Firefox\Profiles\t6z2i8kw.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
Added to C:\Users\DLO~1\AppData\Roaming\Mozilla\Firefox\Profiles\t6z2i8kw.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~3\Package Cache deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\DLO~1\AppData\Roaming\Mozilla\Firefox\Profiles\t6z2i8kw.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="D:\Programy\AVAST Software\Avast\WebRep\FF" [28.01.2015 09:53]
==== Firefox Extensions ======================
ProfilePath: C:\Users\DLO~1\AppData\Roaming\Mozilla\Firefox\Profiles\t6z2i8kw.default
- Undetermined - C:\Users\Dělo\AppData\Roaming\Mozilla\Firefox\Profiles\t6z2i8kw.default\extensions\foxyproxy@eric.h.jung
- FoxyProxy Basic - %ProfilePath%\extensions\foxyproxy@eric.h.jung
- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
- My-Translator - %ProfilePath%\extensions\My-Translator@eugenche.com.xpi
- Super Hide IP - %ProfilePath%\extensions\support@super-hide-ip.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
==== Firefox Plugins ======================
==== Chromium Look ======================
Google Chrome Version: 41.0.2272.118 (Latest Stable version: 41.0.2272.118)
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - D:\Programy\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[13.01.2015 16:44]
Avast Online Security - DLO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
==== Chromium Startpages ======================
C:\Users\DLO~1\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "https://www.seznam.cz/",
"startup_urls": [ "https://www.seznam.cz/" ]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Users\DLO~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\DLO~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\DLO~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\DLO~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\DLO~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\DLO~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=77 folders=37 175873332 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\DLO~1\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\DLO~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\DLO~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
==== EOF on po 06.04.2015 at 16:36:44,73 ======================
Naposledy upravil(a) Slegr dne 06 dub 2015 16:56, celkem upraveno 1 x.
Re: Prosím kontrolu logu
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:49:51, on 6.4.2015
Platform: Windows 7 SP1 (WinNT )
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Dělo\AppData\Local\Akamai\netsession_win.exe
C:\Users\Dělo\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
D:\Programy\AVAST Software\Avast\avastui.exe
D:\Programy\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programy\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [AvastUI.exe] "D:\Programy\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Dělo\AppData\Local\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programy\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\Programy\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Connectify - Unknown owner - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel Local License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MiRalinkRegistryWriter - Mediatek Inc. - C:\Program Files (x86)\XiaoMi\MiWiFi\RaRegistry.exe
O23 - Service: MiRalinkRegistryWriter64 - Mediatek Inc. - C:\Program Files (x86)\XiaoMi\MiWiFi\RaRegistry64.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\Programy\VMWare\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VNC Server (vncserver) - RealVNC Ltd - D:\Programy\RealVNC\VNC Server\vncservice.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 8910 bytes
Scan saved at 16:49:51, on 6.4.2015
Platform: Windows 7 SP1 (WinNT )
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Dělo\AppData\Local\Akamai\netsession_win.exe
C:\Users\Dělo\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
D:\Programy\AVAST Software\Avast\avastui.exe
D:\Programy\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programy\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [AvastUI.exe] "D:\Programy\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Dělo\AppData\Local\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programy\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\Programy\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Connectify - Unknown owner - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel Local License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MiRalinkRegistryWriter - Mediatek Inc. - C:\Program Files (x86)\XiaoMi\MiWiFi\RaRegistry.exe
O23 - Service: MiRalinkRegistryWriter64 - Mediatek Inc. - C:\Program Files (x86)\XiaoMi\MiWiFi\RaRegistry64.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\Programy\VMWare\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VNC Server (vncserver) - RealVNC Ltd - D:\Programy\RealVNC\VNC Server\vncservice.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 8910 bytes
Re: Prosím kontrolu logu
V pořádku. Jsou nějaké problémy?
-
jerabina
- člen Security týmu
-
Level 6
- Příspěvky: 3647
- Registrován: březen 13
- Bydliště: Litoměřice
- Pohlaví:
- Stav:
Offline
Re: Prosím kontrolu logu
Pokud nejsou problémy, tak odstraníme čistící nástroje, vyčistíme body obnovy a vytvoříme nový + poslední dodělávky :)
Zavři ostatní programy/prohlížeče, odpoj se od internetu a v HJT fixni:
NÁVOD
Vyčisti počítač CCleanerem
Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/
ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore) .
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci.
Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem. Jinak je zpráva zde:
v C: \ DelFix.txt
Pokud nejsou problémy, je to vše a můžeš dát vyřešeno - zelenou "fajfku"
Zavři ostatní programy/prohlížeče, odpoj se od internetu a v HJT fixni:
NÁVOD
Kód: Vybrat vše
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhostVyčisti počítač CCleanerem
Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/
ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore) .
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci.
Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem. Jinak je zpráva zde:
v C: \ DelFix.txt
Pokud nejsou problémy, je to vše a můžeš dát vyřešeno - zelenou "fajfku"
Když nevíš jak dál, přichází na řadu prostudovat manuál!
HJT návod
Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
HJT návod
Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
Re: Prosím kontrolu logu
Z vašeho pohledu tam asi problém není, ale z mého přetrvává. Stále nevím jak se mi mohla jen tak zaplnit 1/4 systémového disku. Zkusím na to přijít sám. Jinak děkuji za váš čas. :) Dávám fajfku.
DelFix v10.9 - Logfile created 06/04/2015 at 17:16:55
# Updated 27/02/2015 by Xplode
# Username : Dělo - DĚLO-PC
# Operating System : Windows 7 Ultimate (64 bits)
~ Removing disinfection tools ...
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\Dělo\Desktop\AdwCleaner[S2].txt
Deleted : C:\Users\Dělo\Desktop\JRT.txt
Deleted : C:\Users\Dělo\Desktop\hijackthis.log
Deleted : C:\Users\Dělo\Desktop\hijackthis1
Deleted : C:\Users\Dělo\Desktop\RKreport_DEL_04062015_142619.log
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Error when deleting (1) : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR
~ Cleaning system restore ...
New restore point created !
########## - EOF - ##########
DelFix v10.9 - Logfile created 06/04/2015 at 17:16:55
# Updated 27/02/2015 by Xplode
# Username : Dělo - DĚLO-PC
# Operating System : Windows 7 Ultimate (64 bits)
~ Removing disinfection tools ...
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\Dělo\Desktop\AdwCleaner[S2].txt
Deleted : C:\Users\Dělo\Desktop\JRT.txt
Deleted : C:\Users\Dělo\Desktop\hijackthis.log
Deleted : C:\Users\Dělo\Desktop\hijackthis1
Deleted : C:\Users\Dělo\Desktop\RKreport_DEL_04062015_142619.log
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Error when deleting (1) : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR
~ Cleaning system restore ...
New restore point created !
########## - EOF - ##########
-
jerabina
- člen Security týmu
-
Level 6
- Příspěvky: 3647
- Registrován: březen 13
- Bydliště: Litoměřice
- Pohlaví:
- Stav:
Offline
Re: Prosím kontrolu logu
Může se jednat o systémovou aktualizaci, body obnovy ... teď by se mělo nějaké místo uvolnit po smazání bodů obnovy.
Když nevíš jak dál, přichází na řadu prostudovat manuál!
HJT návod
Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
HJT návod
Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
Re: Prosím kontrolu logu
No stačilo říct, že nejsme hotovi. 
Otevři si administrátorskou konzoli: http://forums.avg.com/cz-cs/avg-forums? ... ow&id=1787
Do ní zadej:
Výstup?
Otevři si administrátorskou konzoli: http://forums.avg.com/cz-cs/avg-forums? ... ow&id=1787
Do ní zadej:
Kód: Vybrat vše
vssadmin list shadowstorageVýstup?
Re: Prosím kontrolu logu
Psal jsem v příspěvku ještě před HJT logem. :) Jinak místa je ještě míň. Teď jsou volné necelé 1,4gb.
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 92 hostů