uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
Trusted Zone: local.sinstalator.cz
Trusted Zone: local.sinstalator.cz\PACS
TCP: DhcpNameServer = 8.8.8.8 176.62.225.2
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2017-01-05 22:43
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-583907252-2052111302-682003330-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1840)
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\MSVCP140.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\VCRUNTIME140.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-crt-runtime-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\ucrtbase.DLL
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-string-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-errorhandling-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-timezone-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-file-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-namedpipe-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-handle-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-file-l2-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-heap-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-libraryloader-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-synch-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-processthreads-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-processenvironment-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-datetime-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-localization-l1-2-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-sysinfo-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-synch-l1-2-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-console-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-debug-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-processthreads-l1-1-1.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-file-l1-2-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-profile-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-memory-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-util-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-rtlsupport-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-core-interlocked-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-crt-string-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-crt-heap-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-crt-stdio-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-crt-convert-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-crt-locale-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-crt-math-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-crt-multibyte-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-crt-time-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-crt-filesystem-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-crt-environment-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.24210.0_x-ww_0869468e\api-ms-win-crt-utility-l1-1-0.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\mHotkey.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2017-01-05 22:50:07 - počítač byl restartován
ComboFix-quarantined-files.txt 2017-01-05 21:50
.
Před spuštěním: Volných bajtů: 10 787 815 424
Po spuštění: Volných bajtů: 10 558 025 728
.
- - End Of File - - 4C7A3CF74C996D3E56658C11F77C2DE0
413FC2A0C716421B3158746D63736515
Prosím o kontrolu logu pomalé P.C. Vyřešeno
Re: Prosím o kontrolu logu pomalé P.C.
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 22:56:57, on 5.1.2017
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Pocitac\Local Settings\Data aplikací\Yandex\YandexBrowser\Application\browser.exe
C:\Documents and Settings\Pocitac\Local Settings\Data aplikací\Yandex\YandexBrowser\Application\browser.exe
C:\Documents and Settings\Pocitac\Local Settings\Data aplikací\Yandex\YandexBrowser\Application\browser.exe
C:\Documents and Settings\Pocitac\Local Settings\Data aplikací\Yandex\YandexBrowser\Application\browser.exe
C:\Documents and Settings\Pocitac\Local Settings\Data aplikací\Yandex\YandexBrowser\Application\browser.exe
C:\Documents and Settings\Pocitac\Local Settings\Data aplikací\Yandex\YandexBrowser\Application\browser.exe
C:\Documents and Settings\Pocitac\Plocha\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iSkysoft Helper Compact.exe] C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O17 - HKLM\System\CS4\Services\Tcpip\..\{4EDD5666-F1CF-4B44-8AB1-164AD5906384}: NameServer = 10.254.254.254,10.254.254.253
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
--
End of file - 6547 bytes
Scan saved at 22:56:57, on 5.1.2017
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Pocitac\Local Settings\Data aplikací\Yandex\YandexBrowser\Application\browser.exe
C:\Documents and Settings\Pocitac\Local Settings\Data aplikací\Yandex\YandexBrowser\Application\browser.exe
C:\Documents and Settings\Pocitac\Local Settings\Data aplikací\Yandex\YandexBrowser\Application\browser.exe
C:\Documents and Settings\Pocitac\Local Settings\Data aplikací\Yandex\YandexBrowser\Application\browser.exe
C:\Documents and Settings\Pocitac\Local Settings\Data aplikací\Yandex\YandexBrowser\Application\browser.exe
C:\Documents and Settings\Pocitac\Local Settings\Data aplikací\Yandex\YandexBrowser\Application\browser.exe
C:\Documents and Settings\Pocitac\Plocha\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iSkysoft Helper Compact.exe] C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O17 - HKLM\System\CS4\Services\Tcpip\..\{4EDD5666-F1CF-4B44-8AB1-164AD5906384}: NameServer = 10.254.254.254,10.254.254.253
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
--
End of file - 6547 bytes
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43294
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu pomalé P.C.
Yandex používáš?
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall
Vyčisti systém CCleanerem
Stáhni si OTC
na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.
co problémy?
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall
Vyčisti systém CCleanerem
Stáhni si OTC
na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.
co problémy?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu pomalé P.C.
Yandex používám, je v tom nějaký problém? Dost se to zlepšilo,ale od takto starého P.C. nemůžu čekat zázraky.Jinak moc dík za rady. 
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43294
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu pomalé P.C. Vyřešeno
Jo Yandex už dnes není nebezpečný , jako dřív.
Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 121 hostů