Please check my log


Post by Apofys » 02 Oct 2015 15:33

zoek



Zoek.exe v5.0.0.1 Updated 30-09-2015
Tool run by Apofys on p  02.10.2015 at 13:16:14,45.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Apofys\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

2.10.2015 13:16:50 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Program Files\AVAST Software deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\Common Files\AV deleted successfully
C:\Program Files\Common Files\LogiShrd deleted successfully
C:\Program Files\Common Files\Symantec Shared deleted successfully
C:\PROGRA~2\ProductData deleted successfully
C:\PROGRA~2\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully
C:\Users\Apofys\AppData\Roaming\MPC-HC deleted successfully
C:\Users\Apofys\AppData\Roaming\Opera Software deleted successfully
C:\Users\Apofys\AppData\Roaming\WinRAR deleted successfully
C:\Users\Apofys\AppData\Local\GHISLER deleted successfully
C:\Users\Apofys\AppData\Local\MigWiz deleted successfully
C:\Users\Apofys\AppData\Local\Opera Software deleted successfully
C:\Users\Ramses\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3206859196-215122838-69302338-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AvastVBoxSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AvastVBoxSvc deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Apofys\AppData\Roaming\Mozilla\Firefox\Profiles\27qi2t1v.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com/");
user_pref("browser.search.suggest.enabled", false);
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Apofys\AppData\Roaming\Mozilla\Firefox\Profiles\27qi2t1v.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Apofys\AppData\Roaming\Mozilla\Firefox\Profiles\27qi2t1v.default

user.js not found
---- Lines surfing removed from prefs.js ----
user_pref("extensions.xpiState", "{\"app-profile\":{\"iobitascsurfingprotection@iobit.com\":{\"d\":\"C:\\\\Users\\\\Apofys\\\\AppData\\\\Roaming\\\\Mo
---- Lines surfing modified from prefs.js ----

user_pref("extensions.enabledAddons", "iobitascsurfingprotection%40iobit.com:2.0,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:40.0.3");
---- FireFox user.js and prefs.js backups ----

prefs_02.10.2015_1326_.backup

==== Deleting Files \ Folders ======================

C:\Program Files\AVAST Software not found
C:\PROGRA~2\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found
C:\Users\Apofys\AppData\Roaming\Mozilla\Firefox\Profiles\27qi2t1v.default\extensions\iobitascsurfingprotection@iobit.com not found
C:\Users\Apofys\AppData\Roaming\ProductData deleted
C:\PROGRA~2\BSD deleted
C:\PROGRA~2\Package Cache deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Apofys\AppData\Roaming\Mozilla\Firefox\Profiles\27qi2t1v.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Apofys\AppData\Roaming\Mozilla\Firefox\Profiles\27qi2t1v.default
0A1788EE70EF444DABA1E958092F4B85 - C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll - Adobe Acrobat
7D127425BBE91DF37448A7F44C1DDA52 - C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll - Google Update
0A7CFC4EE9CC3206B1DC522FCB8C3DB1 - c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll - Silverlight Plug-In
FE5E10A1775D5B0EE862DBF3BC1283D3 - C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U60
41E59AEE190362FD0D6EF71DE5DCE427 - C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.600.27
1A62BB86D17B8DC0D4339BACC8D60635 - C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll - Shockwave Flash
0B8378EA70622A6F3EC50CC4AF62764C - c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrlui.dll - Microsoft® Silverlight


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Ramses\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

Google Chrome Version: 45.0.2454.101


FAskin - Apofys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ackgoahjjkmdaidhemlmggdkmjigjind

==== Chromium Fix ======================

C:\Users\Apofys\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Apofys\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Apofys\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj deleted successfully
C:\Users\Apofys\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gbkeegbaiigmenfmjfclcdgdpimamgkj_0.localstorage deleted successfully
C:\Users\Apofys\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gbkeegbaiigmenfmjfclcdgdpimamgkj deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{E733165D-CBCF-4FDA-883E-ADEF965B476C}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{E733165D-CBCF-4FDA-883E-ADEF965B476C} Google Url="http://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST980825AS_5MH0YFDNXXXX5MH0YFDN&ts=1434587158&type=default&q={searchTerms}"

==== Reset Google Chrome ======================

C:\Users\Apofys\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Apofys\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Apofys\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Users\Apofys\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Apofys\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Apofys\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=843 folders=252 21582871 bytes)

==== Empty Temp Folders ======================

C:\Users\Apofys\AppData\Local\temp will be emptied at reboot
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Ramses\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Apofys\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Apofys\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on p  02.10.2015 at 13:29:30,73 ======================


Post by Apofys » 02 Oct 2015 15:34

hjt


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:29:40, on 2.10.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.18969)

FIREFOX: 40.0.3 (x86 cs)
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\AMT\atchk.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Users\Apofys\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [atchk] "C:\Program Files\Intel\AMT\atchk.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 8] "C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O23 - Service: ADATA ToolBox Service - Unknown owner - C:\Program Files\ADATA\SSD ToolBox\ToolBoxSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Intel(R) Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe
O23 - Service: Bluetooth Driver Management Service (BcmBtRSupport) - Broadcom Corporation. - C:\Windows\system32\BtwRSupportService.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\AMT\UNS.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 5552 bytes


Post by Apofys » 02 Oct 2015 15:36

For some programs the error ''The instruction at address....referenced...'' no longer pops up, but right after system startup it still does, and even with silly Solitaire and other programs.


Post by Orcus » 02 Oct 2015 16:26

Let's try to verify whether the system files are OK. Follow the instructions here:
https://support.microsoft.com/en-us/kb/929833

If that doesn't help, download Memtest:

In the field, enter the largest size of your individual RAM module (256, 512 or 1024, 2048), click Start, and let it run for at least 2 hours. If there are still 0 errors after 2 hours, the memory is fine. If a message about the limitation of the free version appears, run Memtest as many times as necessary to fill the entire RAM.

====================================================

The HDD needs to be checked for errors, and try defragmenting it ..

Download CrystalDiskInfo
Run the program and click Edit - Copy. Then paste the contents of the log here with Ctrl+V.

Aren't you low on free disk space?