Samovolné otvíraní nových karet v prohl. pls kontrola logu

Zpráva

rewkon · #1 Příspěvek od **rewkon** » 15 led 2015 10:58

Ahoj mám problém ,že od včerejšího večera se my v prohlížeči otvírají samovolně nové karty z reklamami bohužel log se my nevejde píše my to Vaše zpráva obsahuje 308519 znaků. Maximální povolený počet znaků je 100000.tak přikládám link na soubor z logem na mém google drive.

Kód: Vybrat vše

https://drive.google.com/file/d/0B1wy3odwYO9ZaW1MMzFhM29MelE/view?usp=sharing

#2 Příspěvek od **vyosek** » 15 led 2015 11:33

Zdravim

Davejte prosim logy primo do textu prispevku

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Po spusteni probehne stazeni databaze
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

rewkon · #3 Příspěvek od **rewkon** » 15 led 2015 11:43

# AdwCleaner v4.107 - Report created 15/01/2015 at 11:41:16
# Updated 07/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 8.1 (64 bits)
# Username : Antonín - REWKON
# Running from : C:\Users\Antonín\Desktop\adwcleaner_4.107.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\GoHD
Folder Deleted : C:\Users\ANTONN~1\AppData\Local\Temp\Techgile
Folder Deleted : C:\Users\Antonín\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Antonín\AppData\LocalLow\GoHD
Folder Deleted : C:\Users\Antonín\AppData\Roaming\Systweak
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Antonín\Desktop\Live PC Help.lnk
File Deleted : C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : e8b662a2-3fa9-4496-a53e-679a9e48d761-1
Task Deleted : e8b662a2-3fa9-4496-a53e-679a9e48d761-10_user
Task Deleted : e8b662a2-3fa9-4496-a53e-679a9e48d761-2
Task Deleted : e8b662a2-3fa9-4496-a53e-679a9e48d761-5
Task Deleted : e8b662a2-3fa9-4496-a53e-679a9e48d761-5_user
Task Deleted : e8b662a2-3fa9-4496-a53e-679a9e48d761-6
Task Deleted : e8b662a2-3fa9-4496-a53e-679a9e48d761-7

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611211180}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622212280}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655215580}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666216680}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644214480}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611211180}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611211180}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{41a36c7a-d2be-46db-a05e-7071b4e6ae90}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77ee12e6-abd5-4ebb-946d-a2ba15a4f61f}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{902e14f7-8fab-401e-a93e-e15088e1e15c}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{bf5621fd-302f-4e3c-b332-921f8d3d7893}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611211180}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622212280}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655215580}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666216680}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611211180}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{41a36c7a-d2be-46db-a05e-7071b4e6ae90}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77ee12e6-abd5-4ebb-946d-a2ba15a4f61f}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{902e14f7-8fab-401e-a93e-e15088e1e15c}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{bf5621fd-302f-4e3c-b332-921f8d3d7893}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\GoHD
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Solvusoft
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\GoHD
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GoHD
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Google Chrome v39.0.2171.99

*************************

AdwCleaner[R0].txt - [10214 octets] - [15/01/2015 11:39:33]
AdwCleaner[S0].txt - [9840 octets] - [15/01/2015 11:41:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9900 octets] ##########

#4 Příspěvek od **vyosek** » 15 led 2015 11:47

Pokracujte Zoekem

rewkon · #5 Příspěvek od **rewkon** » 15 led 2015 11:56

Zoek.exe v5.0.0.0 Updated 14-01-2015
Tool run by Antonˇn on źt 15. 01. 2015 at 11:44:44,07.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ANTONN~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

15. 1. 2015 11:45:32 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\LucasArts deleted successfully
C:\PROGRA~2\COMMON~1\Blizzard Entertainment deleted successfully
C:\Users\ANTONN~1\AppData\Local\PackageStaging deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1354042257-2116675355-2068397925-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15C9486C-9608-4A7A-A26A-8174AA31D17A} deleted successfully
HKEY_USERS\S-1-5-21-1354042257-2116675355-2068397925-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18E5F555-9E7B-4B13-A4A5-E207D709C50} deleted successfully
HKEY_USERS\S-1-5-21-1354042257-2116675355-2068397925-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CF4ED08-5FA6-43C3-B85F-8EDEC79A9271} deleted successfully
HKEY_USERS\S-1-5-21-1354042257-2116675355-2068397925-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E3FA239-9C6A-4646-B53A-C77080CF8C22} deleted successfully
HKEY_USERS\S-1-5-21-1354042257-2116675355-2068397925-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{41a36c7a-d2be-46db-a05e-7071b4e6ae90} deleted successfully
HKEY_USERS\S-1-5-21-1354042257-2116675355-2068397925-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60139410-4B44-4CFC-9A34-4D57E76EBE90} deleted successfully
HKEY_USERS\S-1-5-21-1354042257-2116675355-2068397925-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77ee12e6-abd5-4ebb-946d-a2ba15a4f61f} deleted successfully
HKEY_USERS\S-1-5-21-1354042257-2116675355-2068397925-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8431D4A2-7628-45EB-A16E-B62AE36CF96D} deleted successfully
HKEY_USERS\S-1-5-21-1354042257-2116675355-2068397925-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{902e14f7-8fab-401e-a93e-e15088e1e15c} deleted successfully
HKEY_USERS\S-1-5-21-1354042257-2116675355-2068397925-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{bf5621fd-302f-4e3c-b332-921f8d3d7893} deleted successfully
HKEY_USERS\S-1-5-21-1354042257-2116675355-2068397925-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB0EBF96-8E87-40F8-9EED-62117B38985E} deleted successfully
HKEY_USERS\S-1-5-21-1354042257-2116675355-2068397925-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE1D5BC5-5FC7-4953-9B47-F368A76A287C} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\3be28eb9-9748-435c-9464-d5f4dba7cf66 deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted

==== Chromium Look ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]

Seznam LiĹˇtiÄŤka - Email - ANTONN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam LiĹˇtiÄŤka - SlovnĂk - ANTONN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Google Drive App Launcher - ANTONN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Seznam LiĹˇtiÄŤka - RychlĂˇ volba - ANTONN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\ANTONN~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\ANTONN~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ANTONN~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\ANTONN~1\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\ANTONN~1\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\ANTONN~1\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\ANTONN~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=39 folders=44 42574696 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\ANTONN~1\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ANTONN~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found

==== EOF on źt 15. 01. 2015 at 11:56:20,38 ======================

#6 Příspěvek od **vyosek** » 15 led 2015 12:11

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

rewkon · #7 Příspěvek od **rewkon** » 15 led 2015 12:23

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015
Ran by Antonín (administrator) on REWKON on 15-01-2015 12:15:52
Running from C:\Users\Antonín\Desktop
Loaded Profiles: Antonín (Available profiles: Antonín)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(forum.viry.cz) C:\Users\Antonín\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671640 2014-04-10] (Realtek Semiconductor)
HKLM\...\Run: [Cm106Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-12-08] (Raptr, Inc)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30521952 2014-11-24] (Skype Technologies S.A.)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [Spotify] => C:\Users\Antonín\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-13] (Spotify Ltd)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-12-18] (Electronic Arts)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [Spotify Web Helper] => C:\Users\Antonín\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-13] (Spotify Ltd)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [15806976 2014-12-02] ()
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23308616 2014-12-22] (Google)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\RunOnce: [Adobe Speed Launcher] => 1421319413

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1354042257-2116675355-2068397925-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=030213", "hxxp://www.google.com"
CHR Profile: C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-02]
CHR Extension: (Dokumenty Google) - C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-02]
CHR Extension: (Disk Google) - C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-02]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-12-02]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-12-02]
CHR Extension: (YouTube) - C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-02]
CHR Extension: (Vyhledávání Google) - C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-02]
CHR Extension: (Tabulky Google) - C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-02]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-01-15]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-12-02]
CHR Extension: (Peněženka Google) - C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-02]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-12-02]
CHR Extension: (Gmail) - C:\Users\Antonín\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-02]
CHR HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

rewkon · #8 Příspěvek od **rewkon** » 15 led 2015 12:27

Log z firstu nevleze se do prispevku

FRST.rar: Log First cely; (49.69 KiB) Staženo 44 x

#9 Příspěvek od **vyosek** » 15 led 2015 13:58

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30521952 2014-11-24] (Skype Technologies S.A.)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [Spotify] => C:\Users\Antonín\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-13] (Spotify Ltd)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-12-18] (Electronic Arts)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [Spotify Web Helper] => C:\Users\Antonín\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-13] (Spotify Ltd)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [15806976 2014-12-02] ()
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\RunOnce: [Adobe Speed Launcher] => 1421319413

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

CHR HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=030213", "hxxp://www.google.com"

2015-01-15 12:15 - 2015-01-15 12:16 - 00012447 _____ () C:\Users\Antonín\Desktop\FRST.txt
2015-01-15 12:14 - 2015-01-15 12:14 - 00112640 _____ (forum.viry.cz) C:\Users\Antonín\Downloads\Nepotvrzeno 885522.crdownload
2015-01-15 12:14 - 2015-01-15 12:14 - 00112640 _____ (forum.viry.cz) C:\Users\Antonín\Desktop\FRSTLauncher.exe
2015-01-15 11:55 - 2015-01-15 11:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-01-15 11:45 - 2015-01-15 11:56 - 00008243 _____ () C:\zoek-results.log
2015-01-15 11:44 - 2015-01-15 11:53 - 00000000 ____D () C:\zoek_backup
2015-01-15 11:44 - 2015-01-15 11:44 - 01295360 _____ () C:\Users\Antonín\Desktop\zoek.exe
2015-01-15 11:43 - 2015-01-15 11:43 - 00010020 _____ () C:\Users\Antonín\Desktop\AdwCleaner[S0].txt
2015-01-15 11:39 - 2015-01-15 11:41 - 00000000 ____D () C:\AdwCleaner
2015-01-15 11:38 - 2015-01-15 11:38 - 02191360 _____ () C:\Users\Antonín\Desktop\adwcleaner_4.107 (1).exe
2015-01-15 11:37 - 2015-01-15 11:37 - 02191360 _____ () C:\Users\Antonín\Desktop\adwcleaner_4.107.exe
2015-01-15 10:20 - 2015-01-15 10:33 - 00000000 ____D () C:\Program Files\trend micro
2015-01-15 10:20 - 2015-01-15 10:21 - 00000000 ____D () C:\rsit
2015-01-15 10:20 - 2015-01-15 10:20 - 01222144 _____ () C:\Users\Antonín\Downloads\RSITx64.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

rewkon · #10 Příspěvek od **rewkon** » 15 led 2015 15:03

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-01-2015
Ran by Antonín at 2015-01-15 14:58:44 Run:1
Running from C:\Users\Antonín\Desktop
Loaded Profiles: Antonín (Available profiles: Antonín)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30521952 2014-11-24] (Skype Technologies S.A.)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [Spotify] => C:\Users\Antonín\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-13] (Spotify Ltd)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-12-18] (Electronic Arts)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [Spotify Web Helper] => C:\Users\Antonín\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-13] (Spotify Ltd)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [15806976 2014-12-02] ()
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\RunOnce: [Adobe Speed Launcher] => 1421319413

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

CHR HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=030213", "hxxp://www.google.com"

2015-01-15 12:15 - 2015-01-15 12:16 - 00012447 _____ () C:\Users\Antonín\Desktop\FRST.txt
2015-01-15 12:14 - 2015-01-15 12:14 - 00112640 _____ (forum.viry.cz) C:\Users\Antonín\Downloads\Nepotvrzeno 885522.crdownload
2015-01-15 12:14 - 2015-01-15 12:14 - 00112640 _____ (forum.viry.cz) C:\Users\Antonín\Desktop\FRSTLauncher.exe
2015-01-15 11:55 - 2015-01-15 11:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-01-15 11:45 - 2015-01-15 11:56 - 00008243 _____ () C:\zoek-results.log
2015-01-15 11:44 - 2015-01-15 11:53 - 00000000 ____D () C:\zoek_backup
2015-01-15 11:44 - 2015-01-15 11:44 - 01295360 _____ () C:\Users\Antonín\Desktop\zoek.exe
2015-01-15 11:43 - 2015-01-15 11:43 - 00010020 _____ () C:\Users\Antonín\Desktop\AdwCleaner[S0].txt
2015-01-15 11:39 - 2015-01-15 11:41 - 00000000 ____D () C:\AdwCleaner
2015-01-15 11:38 - 2015-01-15 11:38 - 02191360 _____ () C:\Users\Antonín\Desktop\adwcleaner_4.107 (1).exe
2015-01-15 11:37 - 2015-01-15 11:37 - 02191360 _____ () C:\Users\Antonín\Desktop\adwcleaner_4.107.exe
2015-01-15 10:20 - 2015-01-15 10:33 - 00000000 ____D () C:\Program Files\trend micro
2015-01-15 10:20 - 2015-01-15 10:21 - 00000000 ____D () C:\rsit
2015-01-15 10:20 - 2015-01-15 10:20 - 01222144 _____ () C:\Users\Antonín\Downloads\RSITx64.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value deleted successfully.
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify => value deleted successfully.
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\Software\Microsoft\Windows\CurrentVersion\Run\\EADM => value deleted successfully.
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify Web Helper => value deleted successfully.
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value deleted successfully.
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Bloody2 => value deleted successfully.
HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Adobe Speed Launcher => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-1354042257-2116675355-2068397925-1002\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => Key deleted successfully.
Chrome StartupUrls deleted successfully.
C:\Users\Antonín\Desktop\FRST.txt => Moved successfully.
"C:\Users\Antonín\Downloads\Nepotvrzeno 885522.crdownload" => File/Directory not found.
C:\Users\Antonín\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Antonín\Desktop\zoek.exe => Moved successfully.
C:\Users\Antonín\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Antonín\Desktop\adwcleaner_4.107 (1).exe => Moved successfully.
C:\Users\Antonín\Desktop\adwcleaner_4.107.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\Antonín\Downloads\RSITx64.exe => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 519.9 MB temporary data.

The system needed a reboot.

==== End of Fixlog 14:59:08 ====

#11 Příspěvek od **vyosek** » 15 led 2015 15:12

Tak jeste uklidime

DelFix https://toolslib.net/downloads/finish/2/

Stahnete a spustte
Ponechte zatrzitkou pouze u volby Remote disinfection tools
Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

rewkon · #12 Příspěvek od **rewkon** » 15 led 2015 15:15

Děkuji za vaši práci vše v pořádku

#13 Příspěvek od **vyosek** » 15 led 2015 15:21

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat

VIRY.CZ

Samovolné otvíraní nových karet v prohl. pls kontrola logu

Samovolné otvíraní nových karet v prohl. pls kontrola logu

Re: Samovolné otvíraní nových karet v prohl. pls kontrola lo

Re: Samovolné otvíraní nových karet v prohl. pls kontrola lo

Re: Samovolné otvíraní nových karet v prohl. pls kontrola lo

Re: Samovolné otvíraní nových karet v prohl. pls kontrola lo

Re: Samovolné otvíraní nových karet v prohl. pls kontrola lo

Re: Samovolné otvíraní nových karet v prohl. pls kontrola lo

Re: Samovolné otvíraní nových karet v prohl. pls kontrola lo

Re: Samovolné otvíraní nových karet v prohl. pls kontrola lo

Re: Samovolné otvíraní nových karet v prohl. pls kontrola lo

Re: Samovolné otvíraní nových karet v prohl. pls kontrola lo

Re: Samovolné otvíraní nových karet v prohl. pls kontrola lo

Re: Samovolné otvíraní nových karet v prohl. pls kontrola lo