Prosím pomoc :-(

[vyosek]

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[snnoop]

# AdwCleaner v3.022 - Report created 18/03/2014 at 21:22:45
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Ultimate (32 bits)
# Username : big - BIG-BIG-PC
# Running from : C:\Users\big\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : CltMngSvc

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\big\AppData\Local\SearchProtect
File Deleted : C:\Users\big\AppData\Roaming\Mozilla\Firefox\Profiles\g8a46teo.default\searchplugins\conduit-search.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKLM\Software\Driver-Soft
Key Deleted : HKLM\Software\SearchProtect

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16540

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\big\AppData\Roaming\Mozilla\Firefox\Profiles\g8a46teo.default\prefs.js ]

Line Deleted : user_pref("browser.newtab.url", "hxxp://www.trovigo.com/?gd=&ctid=CT3314759&oct ... 57F3D343F5");
Line Deleted : user_pref("extensions.crossrider.bic", "144d22975d426a7e734eb64afc328d33");

*************************

AdwCleaner[R0].txt - [1686 octets] - [18/03/2014 21:21:35]
AdwCleaner[S0].txt - [1494 octets] - [18/03/2014 21:22:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1554 octets] ##########

[snnoop]

Něco dělám,ale vůbec netuším co,jste opravdy moc chytrej to zírám a ještě malinká otázka čím to bylo nebo stále je?

[vyosek]

Pomalu ale jiste likvidujeme tu sbirku trojskych koniku co si tam chovate

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  SRV - [2014.03.03 14:32:36 | 002,454,816 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe -- (CltMngSvc)
  IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  IE - HKU\S-1-5-21-776073097-1473087821-1952639389-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.trovigo.com/?gd=&ctid=CT3314 ... 43F5&SSPV=
  IE - HKU\S-1-5-21-776073097-1473087821-1952639389-1001\..\SearchScopes,DefaultScope =
  IE - HKU\S-1-5-21-776073097-1473087821-1952639389-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  [2014.03.18 13:07:58 | 000,347,599 | ---- | M] () (No name found) -- C:\Users\big\AppData\Roaming\Mozilla\Firefox\Profiles\g8a46teo.default\extensions\translator@dontfollowme.net.xpi
  [2014.03.18 13:06:54 | 000,060,307 | ---- | M] () (No name found) -- C:\Users\big\AppData\Roaming\Mozilla\Firefox\Profiles\g8a46teo.default\extensions\translator@zoli.bod.xpi
  [2014.03.18 08:27:01 | 000,000,980 | ---- | M] () -- C:\Users\big\AppData\Roaming\Mozilla\Firefox\Profiles\g8a46teo.default\searchplugins\conduit-search.xml
  O4 - HKU\S-1-5-21-776073097-1473087821-1952639389-1001..\Run: [8e3bc91142bd8d798a10a1667ae4d2be] "C:\Users\big\AppData\Local\Temp\Skype.exe" .. File not found
  O13 - gopher Prefix: missing
  O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
  O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  [2014.03.18 17:42:05 | 000,000,000 | ---D | C] -- C:\UsbFix
  [2014.03.18 17:41:40 | 001,144,875 | ---- | C] (El Desaparecido - SosVirus.net) -- C:\Users\big\Desktop\UsbFix.exe
  [2014.03.18 17:14:02 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\big\Desktop\mbam-setup-1.75.0.1300.exe
  [2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [1 C:\Windows\SoftwareDistribution\Download\2347e1c1efb91df2d1b80df333ec27b3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2347e1c1efb91df2d1b80df333ec27b3\*.tmp -> ]
  [2014.03.18 13:37:40 | 000,206,336 | ---- | M] () -- C:\Users\big\AppData\Roaming\Flashmedia\drvgenipro.exe
  [2014.03.18 13:37:51 | 014,107,008 | ---- | M] (Driver-Soft Inc. ) -- C:\Users\big\AppData\Roaming\Flashmedia\drvgenpro.exe
  
  :reg
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^big^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^8e3bc91142bd8d798a10a1667ae4d2be.exe]
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "Adobe ARM"=-
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
  ""=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
  "AppInit_DLLs"=""
  
  :files
  C:\PROGRA~1\SearchProtect
  C:\Users\big\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8e3bc91142bd8d798a10a1667ae4d2be.exe
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[snnoop]

All processes killed
========== OTL ==========
Error: No service named CltMngSvc was found to stop!
Service\Driver key CltMngSvc not found.
File C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-776073097-1473087821-1952639389-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-776073097-1473087821-1952639389-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-776073097-1473087821-1952639389-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
C:\Users\big\AppData\Roaming\Mozilla\Firefox\Profiles\g8a46teo.default\extensions\translator@dontfollowme.net.xpi moved successfully.
C:\Users\big\AppData\Roaming\Mozilla\Firefox\Profiles\g8a46teo.default\extensions\translator@zoli.bod.xpi moved successfully.
File C:\Users\big\AppData\Roaming\Mozilla\Firefox\Profiles\g8a46teo.default\searchplugins\conduit-search.xml not found.
Registry value HKEY_USERS\S-1-5-21-776073097-1473087821-1952639389-1001\Software\Microsoft\Windows\CurrentVersion\Run\\8e3bc91142bd8d798a10a1667ae4d2be not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\UsbFix\Tools folder moved successfully.
C:\UsbFix\Res folder moved successfully.
C:\UsbFix folder moved successfully.
C:\Users\big\Desktop\UsbFix.exe moved successfully.
File C:\Users\big\Desktop\mbam-setup-1.75.0.1300.exe not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP72D1.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\2347e1c1efb91df2d1b80df333ec27b3\BIT905C.tmp deleted successfully.
C:\Users\big\AppData\Roaming\Flashmedia\drvgenipro.exe moved successfully.
C:\Users\big\AppData\Roaming\Flashmedia\drvgenpro.exe moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^big^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^8e3bc91142bd8d798a10a1667ae4d2be.exe\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLs"|"" /E : value set successfully!
========== FILES ==========
File\Folder C:\PROGRA~1\SearchProtect not found.
File\Folder C:\Users\big\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8e3bc91142bd8d798a10a1667ae4d2be.exe not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: big
->Temp folder emptied: 1034002 bytes
->Temporary Internet Files folder emptied: 11492104 bytes
->FireFox cache emptied: 389120571 bytes
->Flash cache emptied: 37089 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5606304 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 388,00 mb


[EMPTYFLASH]

User: All Users

User: big
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: big

User: Default

User: Default User

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 03192014_112205

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[vyosek]

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse