Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by ASUS on p 08.01.2016 at 13:19:30,65.
Microsoft Windows 7 Professional 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ASUS\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
8.1.2016 13:21:42 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\dumps deleted successfully
C:\PROGRA~2\Empire Interactive deleted successfully
C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully
C:\PROGRA~2\Origin Games deleted successfully
C:\PROGRA~2\Rockstar Games deleted successfully
C:\PROGRA~2\Seznam.cz deleted successfully
C:\Program Files\3do deleted successfully
C:\Program Files\stinger deleted successfully
C:\PROGRA~3\Freemake deleted successfully
C:\PROGRA~3\VMware deleted successfully
C:\Users\ASUS\AppData\Roaming\Publish Providers deleted successfully
C:\Users\ASUS\AppData\Roaming\The Complete Genealogy Reporter - FTB deleted successfully
C:\Users\ASUS\AppData\Roaming\vegas120 deleted successfully
C:\Users\ASUS\AppData\Roaming\VMware deleted successfully
C:\Users\ASUS\AppData\Roaming\WebTest deleted successfully
C:\Users\ASUS\AppData\Local\HockeyCrashes deleted successfully
C:\Users\ASUS\AppData\Local\Opera Software deleted successfully
C:\Users\ASUS\AppData\Local\screenSHU deleted successfully
C:\Users\ASUS\AppData\Local\Skype deleted successfully
C:\Users\ASUS\AppData\Local\vegas120 deleted successfully
C:\Users\ASUS\AppData\Local\VMware deleted successfully
C:\Users\ASUS\AppData\Local\WarThunder deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-14876253-2174864908-1153771479-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E39681-15F8-4fda-B8A3-B5C98378F2F3} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-14876253-2174864908-1153771479-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully
HKEY_USERS\S-1-5-21-14876253-2174864908-1153771479-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{FEB703F7-E7B2-4AB0-9566-87658AC70095} deleted successfully
HKEY_USERS\S-1-5-21-14876253-2174864908-1153771479-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully
HKEY_USERS\S-1-5-21-14876253-2174864908-1153771479-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{D77AA852-DEF3-43CB-A3F5-BD679DE72F32} deleted successfully
HKEY_USERS\S-1-5-21-14876253-2174864908-1153771479-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully
HKEY_USERS\S-1-5-21-14876253-2174864908-1153771479-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ihpmServer deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ihpmServer deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSFK deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SSFK deleted successfully
==== FireFox Fix ======================
Deleted from C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\o0iq5tvy.default-1451762606166\prefs.js:
user_pref("browser.startup.homepage", "https://www.google.cz/");
Added to C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\o0iq5tvy.default-1451762606166\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command]
@="C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe"
==== Deleting Files \ Folders ======================
C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\dumps not found
C:\PROGRA~2\Empire Interactive not found
C:\PROGRA~2\Origin Games not found
C:\PROGRA~2\Rockstar Games not found
C:\PROGRA~2\Seznam.cz not found
C:\Users\ASUS\AppData\Local\Rockstar Games deleted
C:\PROGRA~2\CoolPreviews deleted
C:\PROGRA~2\ScreenshotCaptor deleted
C:\Users\ASUS\AppData\Roaming\.technic deleted
C:\Users\ASUS\.android deleted
C:\PROGRA~2\Prison Architect (2015) deleted
C:\PROGRA~2\Lavasoft\Web Companion deleted
C:\PROGRA~2\SFK deleted
C:\PROGRA~2\RayDld deleted
C:\Users\ASUS\RichMedia deleted
C:\Users\ASUS\AppData\Roaming\Lavasoft\Web Companion deleted
C:\Users\ASUS\AppData\Roaming\dlg deleted
C:\Users\ASUS\AppData\Roaming\Radiocom deleted
C:\Users\ASUS\AppData\Roaming\istartpageing deleted
C:\Users\ASUS\AppData\Roaming\bitlord_log.txt deleted
C:\PROGRA~3\Lavasoft\Web Companion deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\ASUS\AppData\Local\richmediaplayer.exe deleted
C:\Users\ASUS\AppData\Local\Radiocom deleted
C:\Users\ASUS\AppData\Local\Unity deleted
C:\Users\ASUS\AppData\Local\cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lavasoft\WebCompanion deleted
C:\Users\ASUS\AppData\LocalLow\Unity deleted
C:\Users\ASUS\AppData\LocalLow\{CF303D72-6D85-FE01-D840-84A2E0028C5C} deleted
C:\windows\SysNative\GroupPolicy\User deleted
"C:\Users\ASUS\AppData\Roaming\Tunngle\Local.key" deleted
"C:\Users\ASUS\AppData\Roaming\Tunngle\Local.pub" deleted
"C:\Users\ASUS\AppData\Roaming\Tunngle" deleted
==== Orphaned Tasks deleted from Registry ======================
GoogleUpdateTaskUserS-1-5-21-14876253-2174864908-1153771479-1000Core deleted
GoogleUpdateTaskUserS-1-5-21-14876253-2174864908-1153771479-1000UA1cffed1d56c97a0 deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\o0iq5tvy.default-1451762606166
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi" [29.12.2015 12:20]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi" [29.12.2015 12:20]
==== Firefox Extensions ======================
ProfilePath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\o0iq5tvy.default-1451762606166
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\o0iq5tvy.default-1451762606166
66640A55AEFF3819C94E0A8D40D7E0AD - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director
70858ED7836E5C849D33576A84DC8CCF - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll - Shockwave Flash
3D1497F3F1A344FFB733CE616BB9096D - C:\Users\ASUS\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll - Google Update
3CD19649B2C3023D65E67C056457A2BC - C:\Users\ASUS\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
20FF20FBC1F20ADEC0AD6AF98ABE9545 - C:\Users\ASUS\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin
57D28190C994AD5E9B1007FB2259393A - C:\Users\ASUS\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
==== Fake Chromium Profiles Check ======================
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\ASUS\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\ASUS\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Guest\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome deleted
==== Chromium Look ======================
Google Chrome Version: 46.0.2490.86
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
agbnjankikoaabjkmfbaceggjliabkbn - C:\Program Files (x86)\SafeKey\lpchrome.crx[12.05.2015 20:20]
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[30.12.2015 10:20]
McAfee SafeKey - ASUS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\agbnjankikoaabjkmfbaceggjliabkbn
Block site - ASUS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh
SiteAdvisor - ASUS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho
AdBlock - ASUS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Fauxbar - ASUS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hibkhcnpkakjniplpfblaoikiggkopka
==== Chromium Fix ======================
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_adserver.adtech.de_0.localstorage deleted successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_adserver.adtech.de_0.localstorage-journal deleted successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hibkhcnpkakjniplpfblaoikiggkopka deleted successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_hibkhcnpkakjniplpfblaoikiggkopka_0.localstorage deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\fi]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\se]
@="http://search.seznam.cz/?sourceid=quicksearch_6826&q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\vi]
@="http://videa.seznam.cz/?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\zb]
@="http://www.zbozi.cz/?sourceid=quicksearch_6826&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\336BA1E31746976CE02925DFC6A576AB - http://www.firmy.cz/phr/{searchTerms}
HKCU\SearchScopes\C5CB985FF69E77AC59DFA498183C1F22 - http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKCU\SearchScopes\D84C3123F2B6ACBB78F22BC8EC239907 - http://www.zbozi.cz/?sourceid=quicksear ... earchTerms}
HKCU\SearchScopes\EC3137DE46CC63347618104662BE60A9 - http://videa.seznam.cz/?q={searchTerms}
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
HKCU\SearchScopes\{1B3880A0-E137-48C3-BF06-E07388B68D7F} - http://www.mapy.cz/?query={searchTerms} ... arch_16194
HKCU\SearchScopes\{CD753BAD-9B12-42D2-A4B0-29AECA459366} - http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
==== Reset Google Chrome ======================
C:\Users\ASUS\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
C:\Users\ASUS\AppData\Local\Chromium\User Data\Default\Preferences_20141111155354.backup was reset successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Preferences.lpbak was reset successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Preferences_20141111155354.backup was reset successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\ASUS\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal.protect was reset successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Web Data.protect was reset successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\ASUS\Desktop\screenSHU.lnk - C:\Program Files (x86)\screenSHU\screenSHU.exe
C:\Users\ASUS\Desktop\µTorrent.lnk -
C:\Users\ASUS\Desktop\blbosti na ploše\Acrobat Reader DC.lnk -
C:\Users\ASUS\Desktop\blbosti na ploše\Balabolka.lnk -
C:\Users\ASUS\Desktop\blbosti na ploše\Defraggler.lnk -
C:\Users\ASUS\Desktop\blbosti na ploše\GeForce Experience.lnk -
C:\Users\ASUS\Desktop\blbosti na ploše\HP LJ M125126 Scan.lnk -
C:\Users\ASUS\Desktop\blbosti na ploše\McAfee LiveSafe – Internet Security.lnk -
C:\Users\ASUS\Desktop\blbosti na ploše\MozBackup.lnk -
C:\Users\ASUS\Desktop\blbosti na ploše\PRO100.lnk -
C:\Users\ASUS\Desktop\blbosti na ploše\RealPlayer.lnk -
C:\Users\ASUS\Desktop\blbosti na ploše\Recuva.lnk -
C:\Users\ASUS\Desktop\blbosti na ploše\VLC media player.lnk -
C:\Users\ASUS\Desktop\blbosti na ploše\WinX Free AVI to WMV Converter.lnk -
C:\Users\ASUS\Desktop\Jane\FOTKY\FOTKY mobil\webcam-toy-fotka2.lnk - C:\Users\ASUS\Desktop\Kája\Foto\webcam-toy-fotka2 (4).jpg
C:\Users\ASUS\Desktop\Jane\RODOKMEN\MyHeritage Family Tree Builder.lnk - C:\Program Files (x86)\MyHeritage\Bin\MyHeritage.exe
C:\Users\ASUS\Desktop\Jane\RODOKMEN\Stažené soubory.lnk -
C:\Users\ASUS\Desktop\Jane\škola\WORD\Životopis.lnk -
C:\Users\ASUS\Desktop\Kája\Hry\Counter-Strike 1.6.lnk -
C:\Users\ASUS\Desktop\Kája\Hry\Ford Racing 2.lnk -
C:\Users\ASUS\Desktop\Kája\Hry\Golden Land.lnk -
C:\Users\ASUS\Desktop\Kája\Hry\Half-Life.lnk -
C:\Users\ASUS\Desktop\Kája\Hry\League of Legends.lnk -
C:\Users\ASUS\Desktop\Kája\Hry\Pirate Galaxy.lnk -
C:\Users\ASUS\Desktop\Kája\Hry\Play League of Legends.lnk -
C:\Users\ASUS\Desktop\Kája\Hry\Prison Architect (2015).lnk -
C:\Users\ASUS\Desktop\Kája\Hry\Risen.lnk -
C:\Users\ASUS\Desktop\Kája\Hry\WarThunder.lnk -
C:\Users\ASUS\Desktop\Kája\Hry\Civilization V - Brave New World\Config.ini.lnk -
C:\Users\ASUS\Desktop\Kája\Hry\Civilization V - Brave New World\Logs.lnk -
C:\Users\ASUS\Desktop\Kája\Hry\Civilization V - Brave New World\Saves.lnk -
C:\Users\UpdatusUser\Desktop\Golden Land.lnk - C:\Program Files\Golden Land\GoldenLand.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\BlueStacks.lnk - C:\ProgramData\BlueStacksGameManager\BlueStacks.exe
C:\Users\Public\Desktop\Borderlands 2 GOTY.lnk - C:\Program Files (x86)\Borderlands 2 GOTY\Binaries\Win32\Borderlands2.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner.exe
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files\DAEMON Tools Lite\DTLauncher.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
http://www.piesearch.com/?type=sc&ts=14 ... 1a73088649
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
http://www.piesearch.com/?type=sc&ts=14 ... 1a73088649
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe
C:\Users\Public\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
==== shortcuts in Users Start Menu ======================
C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk - C:\ProgramData\BlueStacksGameManager\BlueStacks.exe
C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files\Internet Explorer\iexplore.exe
http://www.yoursites123.com/?type=sc&ts ... J9BS902010
C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
http://www.yoursites123.com/?type=sc&ts ... J9BS902010
C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\screenSHU.lnk - C:\Program Files (x86)\screenSHU\screenSHU.exe
C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
http://www.yoursites123.com/?type=sc&ts ... J9BS902010
C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pirate Galaxy\Pirate Galaxy.lnk - C:\Users\ASUS\AppData\Roaming\Splitscreen Studios\Pirate Galaxy\Launcher.exe
http://www.yoursites123.com/?type=sc&ts ... J9BS902010
C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk - C:\Program Files (x86)\WarThunder\launcher.exe
http://www.istartpageing.com/?type=sc&t ... j9bs902010
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
http://www.piesearch.com/?type=sc&ts=14 ... 1a73088649
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk - C:\Program Files\7-Zip\7zFM.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk - C:\Program Files\7-Zip\7-zip.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy\HandyAndy.lnk - C:\Program Files\Andy\HandyAndy.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy\Start Andy.lnk - C:\Program Files\Andy\HandyAndy.exe startandy
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Borderlands 2 GOTY\Borderlands 2 GOTY.lnk - C:\Program Files (x86)\Borderlands 2 GOTY\Binaries\Win32\Borderlands2.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Borderlands 2 GOTY\Odinstalovat Borderlands 2 GOTY.lnk - C:\Program Files (x86)\Borderlands 2 GOTY\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk - C:\Program Files\DAEMON Tools Lite\DTLauncher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
http://www.piesearch.com/?type=sc&ts=14 ... 1a73088649
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry\Banished\Banished.lnk - C:\Program Files (x86)\Hry\Banished\Application-x32.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry\Banished\Uninstall Banished.lnk - C:\Program Files (x86)\Hry\Banished\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee LiveSafe – Internet Security.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prison Architect (2015)\Prison Architect (2015).lnk - C:\Program Files (x86)\Prison Architect (2015)\Prison Architect.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prison Architect (2015)\Uninstall Prison Architect (2015).lnk - C:\Program Files (x86)\Prison Architect (2015)\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealDownloader.lnk - C:\Windows\Installer\{692AC224-5A8F-4F71-B539-5145190C0A60}\recordingmanager.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer (RealTimes).lnk - C:\program files (x86)\real\realplayer\realplay.exe /launch:start_menu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk - C:\Program Files (x86)\Real\RealPlayer\realconverter.exe /launch:start_menu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Trimmer.lnk - C:\Program Files (x86)\Real\RealPlayer\realtrimmer.exe /launch:start_menu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer.lnk - C:\Program Files (x86)\Real\RealPlayer\realplay.exe /launch:start_menu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
==== shortcuts in Quick Launch ======================
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
http://www.yoursites123.com/?type=sc&ts ... J9BS902010
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Pirate Galaxy.lnk - C:\Users\ASUS\AppData\Roaming\Splitscreen Studios\Pirate Galaxy\Launcher.exe
http://www.yoursites123.com/?type=sc&ts ... J9BS902010
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Rich Media Player.lnk - C:\Users\ASUS\AppData\Local\Rich Media Player\rmplayer.exe
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
http://www.piesearch.com/?type=sc&ts=14 ... 1a73088649
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\Windows\system32\calc.exe
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
http://www.piesearch.com/?type=sc&ts=14 ... 1a73088649
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\screenSHU.lnk - C:\Program Files (x86)\screenSHU\screenSHU.exe
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\µTorrent.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== shortcuts After Repair ======================
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff
C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pirate Galaxy\Pirate Galaxy.lnk - C:\Users\ASUS\AppData\Roaming\Splitscreen Studios\Pirate Galaxy\Launcher.exe
C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk - C:\Program Files (x86)\WarThunder\launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Pirate Galaxy.lnk - C:\Users\ASUS\AppData\Roaming\Splitscreen Studios\Pirate Galaxy\Launcher.exe
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\71b52d8f-3a92-4217-ba82-f473735071f7 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\e3a0c6a6-8c4d-4be5-916a-a7308a40801f deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Policies\Chromium deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5A11EF83-9E0A-4B5C-8D2F-1FF9551A5E8C} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\istartpageing deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\38FE11A5A0E9C5B4D8F2F19F55A1E5C8 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\ASUS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ASUS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\ASUS\AppData\Local\Mozilla\Firefox\Profiles\o0iq5tvy.default-1451762606166\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=13361 folders=1988 2943514396 bytes)
==== Empty Temp Folders ======================
C:\Users\Administrator\AppData\Local\temp emptied successfully
C:\Users\ASUS\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Guest\AppData\Local\temp emptied successfully
C:\Users\HomeGroupUser$\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\ASUS\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Users\ASUS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted
"C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
==== EOF on p 08.01.2016 at 14:22:50,09 ======================
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 7 Professional x64
Ran by ASUS (Administrator) on st 13.01.2016 at 9:27:32,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 5
Successfully deleted: C:\Users\ASUS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4QWTDEYD (Folder)
Successfully deleted: C:\Users\ASUS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1A3YN4K (Folder)
Successfully deleted: C:\Users\ASUS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JG9VZ3L5 (Folder)
Successfully deleted: C:\Users\ASUS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V2PWLKXX (Folder)
Successfully deleted: C:\Users\ASUS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WJTT6VQZ (Folder)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 13.01.2016 at 9:32:14,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~