Zdravím, prosím o pomoc.
Už několikrát v posledních dnech se mi stalo, že absolutně zamzrl počítač, nešlo dělat nic, na nic nereagoval a musel jsem ho natvrdo vypnout a znova spustit.
tady log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:42:23, on 11.7.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
FIREFOX: 39.0 (x86 cs)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\wudfhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\OSCAR Editor X7\OscarEditor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRAM FILES\DAEMON TOOLS\DAEMON.EXE
C:\PROGRAM FILES\GAMEPARK2\GPCL.EXE
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Documents and Settings\Honzik\Data aplikací\Dropbox\bin\Dropbox.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Documents and Settings\Honzik\Plocha\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
O1 - Hosts: ˙ţ
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (file missing)
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (file missing)
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (file missing)
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (file missing)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll (file missing)
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IMSS] "C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files\OSCAR Editor X7\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [Dropbox Update] "C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Dropbox.lnk = ?
O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
O8 - Extra context menu item: Clip selection - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Nová poznámka - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{48C3E7D4-42F5-491A-9FF0-BDC622AFD4C2}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{645A233A-9386-4466-8F2B-A73774C6CB09}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{B24B0124-61EE-4332-84B3-732C45BE057C}: NameServer = 8.8.8.8
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
--
End of file - 11201 bytes
Prosím o knotrolu, problém: zamzrnutí PC Vyřešeno
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o knotrolu, problém: zamzrnutí PC
Odinstaluj IObit Advanced SystemCare 5
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o knotrolu, problém: zamzrnutí PC
# AdwCleaner v4.208 - Log vytvořen 11/07/2015 v 10:02:18
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-09.2 [Local]
# Operační system : Microsoft Windows XP Service Pack 3 (x86)
# Uživatelské jméno : Honzik - JENIK
# Spuštěno z : C:\Documents and Settings\Honzik\Plocha\AdwCleaner.exe
# Nastavení : Sken
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\apn
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\Premium
Složka Nalezeno : C:\Documents and Settings\Honzik\Data aplikací\pdfforge
Složka Nalezeno : C:\Documents and Settings\Honzik\Local Settings\Data aplikací\AskPartnerNetwork
Složka Nalezeno : C:\Program Files\AskPartnerNetwork
Složka Nalezeno : C:\Program Files\ICQ6Toolbar
Složka Nalezeno : C:\Program Files\icqtoolbar
Složka Nalezeno : C:\Program Files\Trymedia
Soubor Nalezeno : C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\invalidprefs.js
Soubor Nalezeno : C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\searchplugins\icqplugin.xml
Soubor Nalezeno : C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\searchplugins\qip-search.xml
Soubor Nalezeno : C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\searchplugins\SweetIm.xml
Soubor Nalezeno : C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\user.js
Soubor Nalezeno : C:\Documents and Settings\Honzik\Data aplikací\Opera Software\Opera Stable\Local Storage\hxxp_plarium.com_0.localstorage
Soubor Nalezeno : C:\Documents and Settings\Honzik\Data aplikací\Opera Software\Opera Stable\Local Storage\hxxp_plarium.com_0.localstorage-journal
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{327C2873-E90D-4C37-AA9D-10AC9BABA46C}]
Klíč Nalezeno : HKCU\Software\APN PIP
Klíč Nalezeno : HKCU\Software\AskPartnerNetwork
Klíč Nalezeno : HKCU\Software\Headlight
Klíč Nalezeno : HKCU\Software\ICQToolbar
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95289393-33EA-4F8D-B952-483415B9C955}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Klíč Nalezeno : HKCU\Software\PIP
Klíč Nalezeno : HKCU\Software\Softonic
Klíč Nalezeno : HKCU\Software\SweetIM
Klíč Nalezeno : HKCU\Software\WEDLMNGR
Klíč Nalezeno : HKCU\Software\YahooPartnerToolbar
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.fh_hookeventsink
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.fh_hookeventsink.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pm_dialogeventshandler
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pm_dialogeventshandler.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pm_launcher
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pm_launcher.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pm_printmanager
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pm_printmanager.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pr_printdialogcallback
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pr_printdialogcallback.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.tbtoolband
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.tbtoolband.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.useroptions
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.useroptions.1
Klíč Nalezeno : HKLM\SOFTWARE\Driver-Soft
Klíč Nalezeno : HKLM\SOFTWARE\Headlight
Klíč Nalezeno : HKLM\SOFTWARE\ICQ\ICQToolbar
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Driver Genius Professional Edition_is1
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius Professional Edition_is1
Klíč Nalezeno : HKLM\SOFTWARE\PIP
Klíč Nalezeno : HKLM\SOFTWARE\SweetIM
Klíč Nalezeno : HKU\.DEFAULT\Software\AskPartnerNetwork
***** [ Prohlížeče ] *****
-\\ Internet Explorer v6.0.2900.5512
Nastavení Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
-\\ Mozilla Firefox v39.0 (x86 cs)
[52184y9o.default] - Řádek Nalezeno : user_pref("extensions.xpiState", "{\"app-profile\":{\"toolbar_ATU4-V7@apn.ask.com\":{\"d\":\"C:\\\\Documents and Settings\\\\Honzik\\\\Data aplikací\\\\Mozilla\\\\Firefox\\\\Profiles\\\\52184y9o.defau[...]
-\\ Google Chrome v
-\\ Chromium v
-\\ Opera v30.0.1835.88
*************************
AdwCleaner[R0].txt - [7652 bytů] - [11/07/2015 10:02:18]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7710 bytů] ##########
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-09.2 [Local]
# Operační system : Microsoft Windows XP Service Pack 3 (x86)
# Uživatelské jméno : Honzik - JENIK
# Spuštěno z : C:\Documents and Settings\Honzik\Plocha\AdwCleaner.exe
# Nastavení : Sken
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\apn
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\Premium
Složka Nalezeno : C:\Documents and Settings\Honzik\Data aplikací\pdfforge
Složka Nalezeno : C:\Documents and Settings\Honzik\Local Settings\Data aplikací\AskPartnerNetwork
Složka Nalezeno : C:\Program Files\AskPartnerNetwork
Složka Nalezeno : C:\Program Files\ICQ6Toolbar
Složka Nalezeno : C:\Program Files\icqtoolbar
Složka Nalezeno : C:\Program Files\Trymedia
Soubor Nalezeno : C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\invalidprefs.js
Soubor Nalezeno : C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\searchplugins\icqplugin.xml
Soubor Nalezeno : C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\searchplugins\qip-search.xml
Soubor Nalezeno : C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\searchplugins\SweetIm.xml
Soubor Nalezeno : C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\user.js
Soubor Nalezeno : C:\Documents and Settings\Honzik\Data aplikací\Opera Software\Opera Stable\Local Storage\hxxp_plarium.com_0.localstorage
Soubor Nalezeno : C:\Documents and Settings\Honzik\Data aplikací\Opera Software\Opera Stable\Local Storage\hxxp_plarium.com_0.localstorage-journal
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{327C2873-E90D-4C37-AA9D-10AC9BABA46C}]
Klíč Nalezeno : HKCU\Software\APN PIP
Klíč Nalezeno : HKCU\Software\AskPartnerNetwork
Klíč Nalezeno : HKCU\Software\Headlight
Klíč Nalezeno : HKCU\Software\ICQToolbar
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95289393-33EA-4F8D-B952-483415B9C955}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Klíč Nalezeno : HKCU\Software\PIP
Klíč Nalezeno : HKCU\Software\Softonic
Klíč Nalezeno : HKCU\Software\SweetIM
Klíč Nalezeno : HKCU\Software\WEDLMNGR
Klíč Nalezeno : HKCU\Software\YahooPartnerToolbar
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.fh_hookeventsink
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.fh_hookeventsink.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pm_dialogeventshandler
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pm_dialogeventshandler.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pm_launcher
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pm_launcher.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pm_printmanager
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pm_printmanager.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pr_printdialogcallback
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.pr_printdialogcallback.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.tbtoolband
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.tbtoolband.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.useroptions
Klíč Nalezeno : HKLM\SOFTWARE\Classes\toolband.useroptions.1
Klíč Nalezeno : HKLM\SOFTWARE\Driver-Soft
Klíč Nalezeno : HKLM\SOFTWARE\Headlight
Klíč Nalezeno : HKLM\SOFTWARE\ICQ\ICQToolbar
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Driver Genius Professional Edition_is1
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius Professional Edition_is1
Klíč Nalezeno : HKLM\SOFTWARE\PIP
Klíč Nalezeno : HKLM\SOFTWARE\SweetIM
Klíč Nalezeno : HKU\.DEFAULT\Software\AskPartnerNetwork
***** [ Prohlížeče ] *****
-\\ Internet Explorer v6.0.2900.5512
Nastavení Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
-\\ Mozilla Firefox v39.0 (x86 cs)
[52184y9o.default] - Řádek Nalezeno : user_pref("extensions.xpiState", "{\"app-profile\":{\"toolbar_ATU4-V7@apn.ask.com\":{\"d\":\"C:\\\\Documents and Settings\\\\Honzik\\\\Data aplikací\\\\Mozilla\\\\Firefox\\\\Profiles\\\\52184y9o.defau[...]
-\\ Google Chrome v
-\\ Chromium v
-\\ Opera v30.0.1835.88
*************************
AdwCleaner[R0].txt - [7652 bytů] - [11/07/2015 10:02:18]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7710 bytů] ##########
Re: Prosím o knotrolu, problém: zamzrnutí PC
u Malwarebytes' Anti-Malware je problém, nejde to spustit, dokonce ani v nouz. režimu. Už během instalace to párkrát hlásilo chybu, něco jako runtime error, ale když jsem klikl OK tak instalace pokračovala, když to pak chci spustit napíše to Microsoft viusal C++ Runtime library:Runtime Error! Zhis application has requested the runtime to terminate it in an unusual way.
* ještě bych dodal, že jsem to zkoušel i istalovat znova, i v nouz. režimu, co je zajímavý, že to podobnou chybu hodí i když se to snažím odinstalovat
* ještě bych dodal, že jsem to zkoušel i istalovat znova, i v nouz. režimu, co je zajímavý, že to podobnou chybu hodí i když se to snažím odinstalovat
-
Orcus
- člen Security týmu
-
Elite Level 10.5
- Příspěvky: 10645
- Registrován: duben 10
- Bydliště: Okolo rostou 3 růže =o)
- Pohlaví:
- Stav:
Offline
Re: Prosím o knotrolu, problém: zamzrnutí PC
MBAM má na XP občas potíže. Přeskočíme.
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Smazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
====================================================
Stáhni si Junkware Removal Tool by Thisisu
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
====================================================
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Smazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
====================================================
Stáhni si Junkware Removal Tool by Thisisu
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
====================================================
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus
Láska hřeje, ale uhlí je uhlí. 
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Re: Prosím o knotrolu, problém: zamzrnutí PC
# AdwCleaner v4.208 - Log vytvořen 11/07/2015 v 16:38:59
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-09.2 [Local]
# Operační system : Microsoft Windows XP Service Pack 3 (x86)
# Uživatelské jméno : Honzik - JENIK
# Spuštěno z : C:\Documents and Settings\Honzik\Plocha\AdwCleaner.exe
# Nastavení : Čištění
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\apn
Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\Premium
Složka Smazáno : C:\Program Files\AskPartnerNetwork
Složka Smazáno : C:\Program Files\ICQ6Toolbar
Složka Smazáno : C:\Program Files\icqtoolbar
Složka Smazáno : C:\Program Files\Trymedia
Složka Smazáno : C:\Documents and Settings\Honzik\Local Settings\Data aplikací\AskPartnerNetwork
Složka Smazáno : C:\Documents and Settings\Honzik\Data aplikací\pdfforge
Soubor Smazáno : C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\invalidprefs.js
Soubor Smazáno : C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\searchplugins\qip-search.xml
Soubor Smazáno : C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\searchplugins\SweetIm.xml
Soubor Smazáno : C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\user.js
Soubor Smazáno : C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\searchplugins\icqplugin.xml
Soubor Smazáno : C:\Documents and Settings\Honzik\Data aplikací\Opera Software\Opera Stable\Local Storage\hxxp_plarium.com_0.localstorage
Soubor Smazáno : C:\Documents and Settings\Honzik\Data aplikací\Opera Software\Opera Stable\Local Storage\hxxp_plarium.com_0.localstorage-journal
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.fh_hookeventsink
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.fh_hookeventsink.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pm_dialogeventshandler
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pm_dialogeventshandler.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pm_launcher
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pm_launcher.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pm_printmanager
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pm_printmanager.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pr_printdialogcallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pr_printdialogcallback.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.tbtoolband
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.tbtoolband.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.useroptions
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.useroptions.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95289393-33EA-4F8D-B952-483415B9C955}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{327C2873-E90D-4C37-AA9D-10AC9BABA46C}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Klíč Smazáno : HKCU\Software\APN PIP
Klíč Smazáno : HKCU\Software\AskPartnerNetwork
Klíč Smazáno : HKCU\Software\Headlight
Klíč Smazáno : HKCU\Software\ICQToolbar
Klíč Smazáno : HKCU\Software\PIP
Klíč Smazáno : HKCU\Software\Softonic
Klíč Smazáno : HKCU\Software\SweetIM
Klíč Smazáno : HKCU\Software\WEDLMNGR
Klíč Smazáno : HKCU\Software\YahooPartnerToolbar
Klíč Smazáno : HKLM\SOFTWARE\Driver-Soft
Klíč Smazáno : HKLM\SOFTWARE\Headlight
Klíč Smazáno : HKLM\SOFTWARE\ICQ\ICQToolbar
Klíč Smazáno : HKLM\SOFTWARE\PIP
Klíč Smazáno : HKLM\SOFTWARE\SweetIM
Klíč Smazáno : HKU\.DEFAULT\Software\AskPartnerNetwork
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius Professional Edition_is1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Driver Genius Professional Edition_is1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
***** [ Prohlížeče ] *****
-\\ Internet Explorer v6.0.2900.5512
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
-\\ Mozilla Firefox v39.0 (x86 cs)
[52184y9o.default\prefs.js] - Řádek Smazáno : user_pref("extensions.xpiState", "{\"app-profile\":{\"toolbar_ATU4-V7@apn.ask.com\":{\"d\":\"C:\\\\Documents and Settings\\\\Honzik\\\\Data aplikací\\\\Mozilla\\\\Firefox\\\\Profiles\\\\52184y9o.defau[...]
-\\ Google Chrome v
-\\ Chromium v
-\\ Opera v30.0.1835.88
*************************
AdwCleaner[R0].txt - [7788 bytů] - [11/07/2015 10:02:18]
AdwCleaner[R1].txt - [7846 bytů] - [11/07/2015 16:37:45]
AdwCleaner[S0].txt - [7633 bytů] - [11/07/2015 16:38:59]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7691 bytů] ##########
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-09.2 [Local]
# Operační system : Microsoft Windows XP Service Pack 3 (x86)
# Uživatelské jméno : Honzik - JENIK
# Spuštěno z : C:\Documents and Settings\Honzik\Plocha\AdwCleaner.exe
# Nastavení : Čištění
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\apn
Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\Premium
Složka Smazáno : C:\Program Files\AskPartnerNetwork
Složka Smazáno : C:\Program Files\ICQ6Toolbar
Složka Smazáno : C:\Program Files\icqtoolbar
Složka Smazáno : C:\Program Files\Trymedia
Složka Smazáno : C:\Documents and Settings\Honzik\Local Settings\Data aplikací\AskPartnerNetwork
Složka Smazáno : C:\Documents and Settings\Honzik\Data aplikací\pdfforge
Soubor Smazáno : C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\invalidprefs.js
Soubor Smazáno : C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\searchplugins\qip-search.xml
Soubor Smazáno : C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\searchplugins\SweetIm.xml
Soubor Smazáno : C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\user.js
Soubor Smazáno : C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\searchplugins\icqplugin.xml
Soubor Smazáno : C:\Documents and Settings\Honzik\Data aplikací\Opera Software\Opera Stable\Local Storage\hxxp_plarium.com_0.localstorage
Soubor Smazáno : C:\Documents and Settings\Honzik\Data aplikací\Opera Software\Opera Stable\Local Storage\hxxp_plarium.com_0.localstorage-journal
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.fh_hookeventsink
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.fh_hookeventsink.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pm_dialogeventshandler
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pm_dialogeventshandler.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pm_launcher
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pm_launcher.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pm_printmanager
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pm_printmanager.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pr_printdialogcallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.pr_printdialogcallback.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.tbtoolband
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.tbtoolband.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.useroptions
Klíč Smazáno : HKLM\SOFTWARE\Classes\toolband.useroptions.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95289393-33EA-4F8D-B952-483415B9C955}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{327C2873-E90D-4C37-AA9D-10AC9BABA46C}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Klíč Smazáno : HKCU\Software\APN PIP
Klíč Smazáno : HKCU\Software\AskPartnerNetwork
Klíč Smazáno : HKCU\Software\Headlight
Klíč Smazáno : HKCU\Software\ICQToolbar
Klíč Smazáno : HKCU\Software\PIP
Klíč Smazáno : HKCU\Software\Softonic
Klíč Smazáno : HKCU\Software\SweetIM
Klíč Smazáno : HKCU\Software\WEDLMNGR
Klíč Smazáno : HKCU\Software\YahooPartnerToolbar
Klíč Smazáno : HKLM\SOFTWARE\Driver-Soft
Klíč Smazáno : HKLM\SOFTWARE\Headlight
Klíč Smazáno : HKLM\SOFTWARE\ICQ\ICQToolbar
Klíč Smazáno : HKLM\SOFTWARE\PIP
Klíč Smazáno : HKLM\SOFTWARE\SweetIM
Klíč Smazáno : HKU\.DEFAULT\Software\AskPartnerNetwork
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius Professional Edition_is1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Driver Genius Professional Edition_is1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
***** [ Prohlížeče ] *****
-\\ Internet Explorer v6.0.2900.5512
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
-\\ Mozilla Firefox v39.0 (x86 cs)
[52184y9o.default\prefs.js] - Řádek Smazáno : user_pref("extensions.xpiState", "{\"app-profile\":{\"toolbar_ATU4-V7@apn.ask.com\":{\"d\":\"C:\\\\Documents and Settings\\\\Honzik\\\\Data aplikací\\\\Mozilla\\\\Firefox\\\\Profiles\\\\52184y9o.defau[...]
-\\ Google Chrome v
-\\ Chromium v
-\\ Opera v30.0.1835.88
*************************
AdwCleaner[R0].txt - [7788 bytů] - [11/07/2015 10:02:18]
AdwCleaner[R1].txt - [7846 bytů] - [11/07/2015 16:37:45]
AdwCleaner[S0].txt - [7633 bytů] - [11/07/2015 16:38:59]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7691 bytů] ##########
Re: Prosím o knotrolu, problém: zamzrnutí PC
TOHLE TEDA BYLO HNED :)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.4.3 (07.11.2015:1)
OS: Microsoft Windows XP x86
Ran by Honzik on so 11.07.2015 at 16:49:25,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81FA428925F22ACB3A965
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09F45BAFAAE1D7546ED4
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050B2E46B9C4B67A8F59577
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606D43BB064BD63CBD87E
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28C944FBC7579CF4949414
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3DC1468548785DC856EDA
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8D249B526503432F99D4
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4BA46856BF57969F6A36
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56C49B56F6B83E293C15
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927C4E9B7BC1D3FD1E49F
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327DC64C9A8B641A9E89646
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
~~~ Files
~~~ Informational
C:\WINDOWS\system32\tasklist.exe doesn't exist [Process check skipped . Windows XP Home Edition?]
~~~ Folders
Successfully deleted: [Folder] C:\Program Files\driver-soft
Successfully deleted: [Folder] C:\WINDOWS\System32\c2mp
~~~ FireFox
Successfully deleted the following from C:\Documents and Settings\Honzik\Data aplikací\mozilla\firefox\profiles\52184y9o.default\prefs.js
user_pref(extensions.xpiState, {\app-profile\:{\toolbar_ATU4-V7@apn.ask.com\:{\d\:\C:\\\\Documents and Settings\\\\Honzik\\\\Data aplikacĂ\\\\Mozilla\\\\Firefox\\\\
Emptied folder: C:\Documents and Settings\Honzik\Data aplikací\mozilla\firefox\profiles\52184y9o.default\minidumps [16 files]
~~~ Chrome
[C:\Documents and Settings\Honzik\local settings\application data\\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Documents and Settings\Honzik\local settings\application data\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Documents and Settings\Honzik\local settings\application data\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Documents and Settings\Honzik\local settings\application data\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 11.07.2015 at 16:52:13,06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.4.3 (07.11.2015:1)
OS: Microsoft Windows XP x86
Ran by Honzik on so 11.07.2015 at 16:49:25,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81FA428925F22ACB3A965
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09F45BAFAAE1D7546ED4
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050B2E46B9C4B67A8F59577
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606D43BB064BD63CBD87E
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28C944FBC7579CF4949414
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3DC1468548785DC856EDA
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8D249B526503432F99D4
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4BA46856BF57969F6A36
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56C49B56F6B83E293C15
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927C4E9B7BC1D3FD1E49F
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327DC64C9A8B641A9E89646
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
~~~ Files
~~~ Informational
C:\WINDOWS\system32\tasklist.exe doesn't exist [Process check skipped . Windows XP Home Edition?]
~~~ Folders
Successfully deleted: [Folder] C:\Program Files\driver-soft
Successfully deleted: [Folder] C:\WINDOWS\System32\c2mp
~~~ FireFox
Successfully deleted the following from C:\Documents and Settings\Honzik\Data aplikací\mozilla\firefox\profiles\52184y9o.default\prefs.js
user_pref(extensions.xpiState, {\app-profile\:{\toolbar_ATU4-V7@apn.ask.com\:{\d\:\C:\\\\Documents and Settings\\\\Honzik\\\\Data aplikacĂ\\\\Mozilla\\\\Firefox\\\\
Emptied folder: C:\Documents and Settings\Honzik\Data aplikací\mozilla\firefox\profiles\52184y9o.default\minidumps [16 files]
~~~ Chrome
[C:\Documents and Settings\Honzik\local settings\application data\\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Documents and Settings\Honzik\local settings\application data\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Documents and Settings\Honzik\local settings\application data\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Documents and Settings\Honzik\local settings\application data\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 11.07.2015 at 16:52:13,06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Prosím o knotrolu, problém: zamzrnutí PC
RogueKiller V10.9.1.0 [Jul 9 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Opera?ní systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spu?t?no : Normální re?im
U?ivatel : Honzik [Práva správce]
Started from : C:\Documents and Settings\Honzik\Plocha\RogueKiller.exe
Mód : Prohledat -- Datum : 07/11/2015 17:07:20
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 0 ¤¤¤
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 3 ¤¤¤
[Suspicious.Startup|VT.Unknown][Soubor] C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spu?t?ní\GamePark klient 2.lnk -> Nalezeno
[Suspicious.Startup|VT.Unknown][Soubor] C:\Documents and Settings\Honzik\Nabídka Start\Programy\Po spu?t?ní\Dropbox.lnk -> Nalezeno
[Suspicious.Startup|VT.Unknown][Soubor] C:\Documents and Settings\Honzik\Nabídka Start\Programy\Po spu?t?ní\EvernoteClipper.lnk -> Nalezeno
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlí?e?e : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST3320820AS +++++
--- User ---
[MBR] 698dd22c9dc514dec03b42f09ca004e2
[BSP] 8d8f241100608db870676cc849d36ee3 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 305242 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
User = LL2 ... OK
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Opera?ní systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spu?t?no : Normální re?im
U?ivatel : Honzik [Práva správce]
Started from : C:\Documents and Settings\Honzik\Plocha\RogueKiller.exe
Mód : Prohledat -- Datum : 07/11/2015 17:07:20
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 0 ¤¤¤
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 3 ¤¤¤
[Suspicious.Startup|VT.Unknown][Soubor] C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spu?t?ní\GamePark klient 2.lnk -> Nalezeno
[Suspicious.Startup|VT.Unknown][Soubor] C:\Documents and Settings\Honzik\Nabídka Start\Programy\Po spu?t?ní\Dropbox.lnk -> Nalezeno
[Suspicious.Startup|VT.Unknown][Soubor] C:\Documents and Settings\Honzik\Nabídka Start\Programy\Po spu?t?ní\EvernoteClipper.lnk -> Nalezeno
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlí?e?e : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST3320820AS +++++
--- User ---
[MBR] 698dd22c9dc514dec03b42f09ca004e2
[BSP] 8d8f241100608db870676cc849d36ee3 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 305242 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
User = LL2 ... OK
-
jerabina
- člen Security týmu
-
Level 6
- Příspěvky: 3647
- Registrován: březen 13
- Bydliště: Litoměřice
- Pohlaví:
- Stav:
Offline
Re: Prosím o knotrolu, problém: zamzrnutí PC
Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)
- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller
Vypni antivir
Stáhni
Zoek.exe
a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:
klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.
Vlož nový log z HJT + informuj o problémech.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)
- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller
Vypni antivir
Stáhni
Zoek.exe
a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:
Kód: Vybrat vše
autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts; klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.
Vlož nový log z HJT + informuj o problémech.
Když nevíš jak dál, přichází na řadu prostudovat manuál!
HJT návod
Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
HJT návod
Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
Re: Prosím o knotrolu, problém: zamzrnutí PC
ogueKiller V10.9.1.0 [Jul 9 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Opera?ní systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spu?t?no : Normální re?im
U?ivatel : Honzik [Práva správce]
Started from : C:\Documents and Settings\Honzik\Plocha\RogueKiller.exe
Mód : Smazat -- Datum : 07/12/2015 18:00:39
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 0 ¤¤¤
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 3 ¤¤¤
[Suspicious.Startup|VT.Unknown][Soubor] C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spu?t?ní\GamePark klient 2.lnk -> Smazáno
[Suspicious.Startup|VT.Unknown][Soubor] C:\Documents and Settings\Honzik\Nabídka Start\Programy\Po spu?t?ní\Dropbox.lnk -> Smazáno
[Suspicious.Startup|VT.Unknown][Soubor] C:\Documents and Settings\Honzik\Nabídka Start\Programy\Po spu?t?ní\EvernoteClipper.lnk -> Smazáno
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlí?e?e : 7 ¤¤¤
[FIREFX:Addon] 52184y9o.default : Adblock Plus [{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] -> Smazáno
[FIREFX:Addon] 52184y9o.default : Microsoft .NET Framework Assistant [{20a82645-c095-46ed-80e3-08825760534b}] -> Smazáno
[FIREFX:Addon] 52184y9o.default : DivX Plus Web Player HTML5 <video> [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] -> Smazáno
[FIREFX:Addon] 52184y9o.default : DivX HiQ [{6904342A-8307-11DF-A508-4AE2DFD72085}] -> Smazáno
[FIREFX:Addon] 52184y9o.default : avast! Online Security [wrc@avast.com] -> Smazáno
[FIREFX:Addon] 52184y9o.default : Ask Toolbar [toolbar_ATU4-V7@apn.ask.com] -> Smazáno
[PUM.HomePage][FIREFX:Config] 52184y9o.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/"); -> Nevybráno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST3320820AS +++++
--- User ---
[MBR] 698dd22c9dc514dec03b42f09ca004e2
[BSP] 8d8f241100608db870676cc849d36ee3 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 305242 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
User = LL2 ... OK
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Opera?ní systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spu?t?no : Normální re?im
U?ivatel : Honzik [Práva správce]
Started from : C:\Documents and Settings\Honzik\Plocha\RogueKiller.exe
Mód : Smazat -- Datum : 07/12/2015 18:00:39
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 0 ¤¤¤
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 3 ¤¤¤
[Suspicious.Startup|VT.Unknown][Soubor] C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spu?t?ní\GamePark klient 2.lnk -> Smazáno
[Suspicious.Startup|VT.Unknown][Soubor] C:\Documents and Settings\Honzik\Nabídka Start\Programy\Po spu?t?ní\Dropbox.lnk -> Smazáno
[Suspicious.Startup|VT.Unknown][Soubor] C:\Documents and Settings\Honzik\Nabídka Start\Programy\Po spu?t?ní\EvernoteClipper.lnk -> Smazáno
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlí?e?e : 7 ¤¤¤
[FIREFX:Addon] 52184y9o.default : Adblock Plus [{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] -> Smazáno
[FIREFX:Addon] 52184y9o.default : Microsoft .NET Framework Assistant [{20a82645-c095-46ed-80e3-08825760534b}] -> Smazáno
[FIREFX:Addon] 52184y9o.default : DivX Plus Web Player HTML5 <video> [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] -> Smazáno
[FIREFX:Addon] 52184y9o.default : DivX HiQ [{6904342A-8307-11DF-A508-4AE2DFD72085}] -> Smazáno
[FIREFX:Addon] 52184y9o.default : avast! Online Security [wrc@avast.com] -> Smazáno
[FIREFX:Addon] 52184y9o.default : Ask Toolbar [toolbar_ATU4-V7@apn.ask.com] -> Smazáno
[PUM.HomePage][FIREFX:Config] 52184y9o.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/"); -> Nevybráno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST3320820AS +++++
--- User ---
[MBR] 698dd22c9dc514dec03b42f09ca004e2
[BSP] 8d8f241100608db870676cc849d36ee3 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 305242 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
User = LL2 ... OK
Re: Prosím o knotrolu, problém: zamzrnutí PC
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Honzik on ne 12.07.2015 at 18:03:32,93.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Honzik\Plocha\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
12.7.2015 18:05:01 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\Program Files\3DO deleted successfully
C:\Program Files\Eidos deleted successfully
C:\Program Files\Eidos Interactive deleted successfully
C:\Program Files\GRETECH deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\Nokia deleted successfully
C:\Program Files\NuGardt Software deleted successfully
C:\Program Files\Red Storm Entertainment deleted successfully
C:\Program Files\Sierra deleted successfully
C:\Program Files\Subagames deleted successfully
C:\Program Files\Wanadoo Edition deleted successfully
C:\Documents and Settings\All Users\Nabídka Start\Programy\Canon Utilities deleted successfully
C:\Documents and Settings\Honzik\Nabídka Start\Programy\NuGardt Software deleted successfully
C:\Documents and Settings\Honzik\Nabídka Start\Programy\QIP deleted successfully
C:\Documents and Settings\Honzik\Nabídka Start\Programy\TopCD deleted successfully
C:\Documents and Settings\Honzik\Nabídka Start\Programy\Windows Everywhere STEEL deleted successfully
C:\DOCUME~1\ALLUSE~1\DATAAP~1\firebird deleted successfully
C:\DOCUME~1\ALLUSE~1\DATAAP~1\nView_Profiles deleted successfully
C:\DOCUME~1\ALLUSE~1\DATAAP~1\WinZip deleted successfully
C:\Documents and Settings\Honzik\Data aplikací\AdobeUM deleted successfully
C:\Documents and Settings\Honzik\Data aplikací\HLSW deleted successfully
C:\Documents and Settings\Honzik\Data aplikací\Nokia Ovi Suite deleted successfully
C:\Documents and Settings\NetworkService\Data aplikací\Xfire deleted successfully
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Ashampoo deleted successfully
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Irrational Games deleted successfully
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\NokiaAccount deleted successfully
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\TS Support deleted successfully
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\WMTools Downloaded Files deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{326E768D-4182-46FD-9C16-1449A49795F4} deleted successfully
HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{593DDEC6-7468-4cdd-90E1-42DADAA222E9} deleted successfully
HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE} deleted successfully
HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92EF2EAD-A7CE-4424-B0DB-499CF856608E} deleted successfully
HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{326E768D-4182-46FD-9C16-1449A49795F4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{593DDEC6-7468-4cdd-90E1-42DADAA222E9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{92EF2EAD-A7CE-4424-B0DB-499CF856608E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz/");
Added to C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_12.07.2015_1815_.backup
==== Deleting Files \ Folders ======================
C:\Program Files\3DO not found
C:\Program Files\Eidos not found
C:\Program Files\Eidos Interactive not found
C:\Program Files\GRETECH not found
C:\Program Files\Nokia not found
C:\Program Files\NuGardt Software not found
C:\Program Files\Red Storm Entertainment not found
C:\Program Files\Sierra not found
C:\Program Files\Subagames not found
C:\Program Files\Wanadoo Edition not found
C:\Program Files\ComPlus Applications deleted
C:\Program Files\WindowsUpdate deleted
C:\Program Files\WhoCrashed deleted
C:\Program Files\Rokario deleted
C:\Program Files\Alawar deleted
C:\Program Files\Sports Interactive deleted
C:\Program Files\BitLord deleted
C:\Program Files\Yahoo! deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\AlawarWrapper deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\ezsid.dat deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\LaunchURL.bat deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\ICQ deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\InstallMate deleted
C:\WINDOWS\system32\GroupPolicy\Adm deleted
C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\ICQToolbarData deleted
C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\SweetIMToolbarData deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [27.12.2011 22:10]
==== Firefox Extensions ======================
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default
D33D39A318AEA70691CED7530E2D9DF9 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
CFBC726A1712BD8DC9914EA06DBCE20B - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
7E54D1EC87CE306CB1A26CE59AFE6E37 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
90A5192AF9069EE7F8705E12601AE542 - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
08ACECEB47FAF053C468D8AFE44709AD - C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll - Google Update
AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
479CB5CBEA7F1CA44B54E7823F78314C - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U7
96C406EC877EB23BB753E59B776C6BC7 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.70.10
F4D62A129AAEE4A619FCE0C03B15E94C - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX OVS Helper Plug-in
E2CCA1B3BA59949AE16EC587E89A09BA - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
1BFD18699636B8F1AA26675BA43D2F8F - C:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll - Shockwave for Director / Shockwave for Director
9F8956BF8C354FCC6E0C416417E5E7ED - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_203.dll - Shockwave Flash
6B47E809D91DF30D028CF4F1B11A6616 - C:\WINDOWS\system32\npptools.dll - Operační systém Microsoft® Windows®
077E850D3A567A00B34858E5D97A6F4C - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll - ------
FE2353643EBF801ED5596F2B8E3273EC - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll - ------
==== Fake Chromium Profiles Check ======================
Fake profile C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Google\Chrome deleted
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fnjbmmemklcjgepojigaapkoodmkgbae - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx[08.12.2010 23:15]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[03.10.2014 13:06]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx[08.12.2010 23:15]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Page"="http://www.google.com"
"ICQ Search"="http://www.google.com"
"Search Bar"="https://www.seznam.cz/?clid=22668"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}"
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Bar"="https://www.seznam.cz/?clid=22668"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"ICQ Search"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.seznam.cz/?clid=22668"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Documents and Settings\Honzik\Data aplikací\Opera Software\Opera Stable\Preferences was reset successfully
C:\Documents and Settings\Honzik\Data aplikací\Opera Software\Opera Stable\Web Data was reset successfully
C:\Documents and Settings\Honzik\Data aplikací\Opera Software\Opera Stable\Web Data-journal was reset successfully
==== Empty IE Cache ======================
C:\Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Opera Software\Opera Stable\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=619 folders=48 37584622 bytes)
==== Empty Temp Folders ======================
C:\Documents and Settings\Administrator\Local Settings\temp emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully
C:\Documents and Settings\Honzik\Local Settings\temp will be emptied at reboot
C:\Documents and Settings\LocalService\Local Settings\temp emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Honzik\LOCALS~1\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\RECYCLER successfully emptied
==== Deleting Files / Folders ======================
"C:\Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
==== EOF on ne 12.07.2015 at 18:22:03,48 ======================
Tool run by Honzik on ne 12.07.2015 at 18:03:32,93.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Honzik\Plocha\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
12.7.2015 18:05:01 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\Program Files\3DO deleted successfully
C:\Program Files\Eidos deleted successfully
C:\Program Files\Eidos Interactive deleted successfully
C:\Program Files\GRETECH deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\Nokia deleted successfully
C:\Program Files\NuGardt Software deleted successfully
C:\Program Files\Red Storm Entertainment deleted successfully
C:\Program Files\Sierra deleted successfully
C:\Program Files\Subagames deleted successfully
C:\Program Files\Wanadoo Edition deleted successfully
C:\Documents and Settings\All Users\Nabídka Start\Programy\Canon Utilities deleted successfully
C:\Documents and Settings\Honzik\Nabídka Start\Programy\NuGardt Software deleted successfully
C:\Documents and Settings\Honzik\Nabídka Start\Programy\QIP deleted successfully
C:\Documents and Settings\Honzik\Nabídka Start\Programy\TopCD deleted successfully
C:\Documents and Settings\Honzik\Nabídka Start\Programy\Windows Everywhere STEEL deleted successfully
C:\DOCUME~1\ALLUSE~1\DATAAP~1\firebird deleted successfully
C:\DOCUME~1\ALLUSE~1\DATAAP~1\nView_Profiles deleted successfully
C:\DOCUME~1\ALLUSE~1\DATAAP~1\WinZip deleted successfully
C:\Documents and Settings\Honzik\Data aplikací\AdobeUM deleted successfully
C:\Documents and Settings\Honzik\Data aplikací\HLSW deleted successfully
C:\Documents and Settings\Honzik\Data aplikací\Nokia Ovi Suite deleted successfully
C:\Documents and Settings\NetworkService\Data aplikací\Xfire deleted successfully
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Ashampoo deleted successfully
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Irrational Games deleted successfully
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\NokiaAccount deleted successfully
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\TS Support deleted successfully
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\WMTools Downloaded Files deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{326E768D-4182-46FD-9C16-1449A49795F4} deleted successfully
HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{593DDEC6-7468-4cdd-90E1-42DADAA222E9} deleted successfully
HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE} deleted successfully
HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92EF2EAD-A7CE-4424-B0DB-499CF856608E} deleted successfully
HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{326E768D-4182-46FD-9C16-1449A49795F4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{593DDEC6-7468-4cdd-90E1-42DADAA222E9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{92EF2EAD-A7CE-4424-B0DB-499CF856608E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz/");
Added to C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_12.07.2015_1815_.backup
==== Deleting Files \ Folders ======================
C:\Program Files\3DO not found
C:\Program Files\Eidos not found
C:\Program Files\Eidos Interactive not found
C:\Program Files\GRETECH not found
C:\Program Files\Nokia not found
C:\Program Files\NuGardt Software not found
C:\Program Files\Red Storm Entertainment not found
C:\Program Files\Sierra not found
C:\Program Files\Subagames not found
C:\Program Files\Wanadoo Edition not found
C:\Program Files\ComPlus Applications deleted
C:\Program Files\WindowsUpdate deleted
C:\Program Files\WhoCrashed deleted
C:\Program Files\Rokario deleted
C:\Program Files\Alawar deleted
C:\Program Files\Sports Interactive deleted
C:\Program Files\BitLord deleted
C:\Program Files\Yahoo! deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\AlawarWrapper deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\ezsid.dat deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\LaunchURL.bat deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\ICQ deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\InstallMate deleted
C:\WINDOWS\system32\GroupPolicy\Adm deleted
C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\ICQToolbarData deleted
C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\SweetIMToolbarData deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [27.12.2011 22:10]
==== Firefox Extensions ======================
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Documents and Settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default
D33D39A318AEA70691CED7530E2D9DF9 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
CFBC726A1712BD8DC9914EA06DBCE20B - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
7E54D1EC87CE306CB1A26CE59AFE6E37 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
90A5192AF9069EE7F8705E12601AE542 - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
08ACECEB47FAF053C468D8AFE44709AD - C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll - Google Update
AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
479CB5CBEA7F1CA44B54E7823F78314C - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U7
96C406EC877EB23BB753E59B776C6BC7 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.70.10
F4D62A129AAEE4A619FCE0C03B15E94C - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX OVS Helper Plug-in
E2CCA1B3BA59949AE16EC587E89A09BA - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
1BFD18699636B8F1AA26675BA43D2F8F - C:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll - Shockwave for Director / Shockwave for Director
9F8956BF8C354FCC6E0C416417E5E7ED - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_203.dll - Shockwave Flash
6B47E809D91DF30D028CF4F1B11A6616 - C:\WINDOWS\system32\npptools.dll - Operační systém Microsoft® Windows®
077E850D3A567A00B34858E5D97A6F4C - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll - ------
FE2353643EBF801ED5596F2B8E3273EC - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll - ------
==== Fake Chromium Profiles Check ======================
Fake profile C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Google\Chrome deleted
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fnjbmmemklcjgepojigaapkoodmkgbae - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx[08.12.2010 23:15]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[03.10.2014 13:06]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx[08.12.2010 23:15]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Page"="http://www.google.com"
"ICQ Search"="http://www.google.com"
"Search Bar"="https://www.seznam.cz/?clid=22668"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}"
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Bar"="https://www.seznam.cz/?clid=22668"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"ICQ Search"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.seznam.cz/?clid=22668"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Documents and Settings\Honzik\Data aplikací\Opera Software\Opera Stable\Preferences was reset successfully
C:\Documents and Settings\Honzik\Data aplikací\Opera Software\Opera Stable\Web Data was reset successfully
C:\Documents and Settings\Honzik\Data aplikací\Opera Software\Opera Stable\Web Data-journal was reset successfully
==== Empty IE Cache ======================
C:\Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Opera Software\Opera Stable\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=619 folders=48 37584622 bytes)
==== Empty Temp Folders ======================
C:\Documents and Settings\Administrator\Local Settings\temp emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully
C:\Documents and Settings\Honzik\Local Settings\temp will be emptied at reboot
C:\Documents and Settings\LocalService\Local Settings\temp emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Honzik\LOCALS~1\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\RECYCLER successfully emptied
==== Deleting Files / Folders ======================
"C:\Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
==== EOF on ne 12.07.2015 at 18:22:03,48 ======================
Re: Prosím o knotrolu, problém: zamzrnutí PC
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:25:54, on 12.7.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
FIREFOX: 39.0 (x86 cs)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\program files\divx\divx plus web player\ddmservice.exe
C:\program files\daemon tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\OSCAR Editor X7\OscarEditor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Honzik\Plocha\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IMSS] "C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DivX Download Manager] "c:\program files\divx\divx plus web player\ddmservice.exe" start
O4 - HKLM\..\Run: [DAEMON Tools] "c:\program files\daemon tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files\OSCAR Editor X7\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [Dropbox Update] "C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Clip selection - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Nová poznámka - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{48C3E7D4-42F5-491A-9FF0-BDC622AFD4C2}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{645A233A-9386-4466-8F2B-A73774C6CB09}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{B24B0124-61EE-4332-84B3-732C45BE057C}: NameServer = 8.8.8.8
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
--
End of file - 10015 bytes
Scan saved at 18:25:54, on 12.7.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
FIREFOX: 39.0 (x86 cs)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\program files\divx\divx plus web player\ddmservice.exe
C:\program files\daemon tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\OSCAR Editor X7\OscarEditor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Honzik\Plocha\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IMSS] "C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DivX Download Manager] "c:\program files\divx\divx plus web player\ddmservice.exe" start
O4 - HKLM\..\Run: [DAEMON Tools] "c:\program files\daemon tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files\OSCAR Editor X7\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [Dropbox Update] "C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Clip selection - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Nová poznámka - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{48C3E7D4-42F5-491A-9FF0-BDC622AFD4C2}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{645A233A-9386-4466-8F2B-A73774C6CB09}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{B24B0124-61EE-4332-84B3-732C45BE057C}: NameServer = 8.8.8.8
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
--
End of file - 10015 bytes
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 71 hostů