Prosil bych o kontrolu logu

[ondli]

Stáhnul jsem si nějaký bordel a každou chvilku mi v prohlížeči vyskočí reklama nebo banner...

zde mám log.
http://leteckaposta.cz/383030241


Velmi děkuji za pomoc...

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[ondli]

Omlouvám se za delší prodlevu...

tady je log... vypadá prázdný... ale reklamy stáje vyskakují...

# AdwCleaner v5.036 - Logfile created 26/02/2016 at 16:20:10
# Updated 22/02/2016 by Xplode
# Database : 2016-02-24.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : hornettlon - HORNETTLON-PC
# Running from : C:\Users\hornettlon\Desktop\adwcleaner_5.036.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1908 bytes] - [23/02/2016 21:47:34]
C:\AdwCleaner\AdwCleaner[C2].txt - [1762 bytes] - [24/02/2016 21:58:39]
C:\AdwCleaner\AdwCleaner[C3].txt - [1451 bytes] - [24/02/2016 22:04:46]
C:\AdwCleaner\AdwCleaner[C4].txt - [1598 bytes] - [25/02/2016 17:28:55]
C:\AdwCleaner\AdwCleaner[C5].txt - [1018 bytes] - [26/02/2016 16:20:10]
C:\AdwCleaner\AdwCleaner[S1].txt - [1762 bytes] - [22/02/2016 21:57:16]
C:\AdwCleaner\AdwCleaner[S2].txt - [1671 bytes] - [23/02/2016 21:37:30]
C:\AdwCleaner\AdwCleaner[S3].txt - [1122 bytes] - [23/02/2016 22:07:34]
C:\AdwCleaner\AdwCleaner[S4].txt - [1649 bytes] - [24/02/2016 21:54:07]
C:\AdwCleaner\AdwCleaner[S5].txt - [1281 bytes] - [24/02/2016 22:02:17]
C:\AdwCleaner\AdwCleaner[S6].txt - [1427 bytes] - [25/02/2016 17:26:57]
C:\AdwCleaner\AdwCleaner[S7].txt - [1516 bytes] - [25/02/2016 22:58:44]
C:\AdwCleaner\AdwCleaner[S8].txt - [1589 bytes] - [26/02/2016 16:19:16]

########## EOF - C:\AdwCleaner\AdwCleaner[C5].txt - [1675 bytes] ##########

[Rudy]

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-1079278214-4177205842-2949168543-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1079278214-4177205842-2949168543-1000\...\MountPoints2: {812379e1-da07-11e5-8c5e-806e6f6e6963} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1079278214-4177205842-2949168543-1000\...\MountPoints2: {81237a0d-da07-11e5-8c5e-d8cb8a6ebe52} - G:\Lenovo_Suite.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1079278214-4177205842-2949168543-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1079278214-4177205842-2949168543-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-02-06] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-02-06] (Google Inc.)
Toolbar: HKU\S-1-5-21-1079278214-4177205842-2949168543-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-02-06] (Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\hornettlon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\hornettlon\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[ondli]

Fix result of Farbar Recovery Scan Tool (x64) Version:24-02-2016
Ran by hornettlon (2016-02-26 20:01:00) Run:2
Running from C:\Users\hornettlon\Desktop
Loaded Profiles: hornettlon (Available Profiles: hornettlon)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-1079278214-4177205842-2949168543-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1079278214-4177205842-2949168543-1000\...\MountPoints2: {812379e1-da07-11e5-8c5e-806e6f6e6963} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1079278214-4177205842-2949168543-1000\...\MountPoints2: {81237a0d-da07-11e5-8c5e-d8cb8a6ebe52} - G:\Lenovo_Suite.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1079278214-4177205842-2949168543-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1079278214-4177205842-2949168543-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-02-06] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-02-06] (Google Inc.)
Toolbar: HKU\S-1-5-21-1079278214-4177205842-2949168543-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-02-06] (Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\hornettlon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\hornettlon\AppData\Local\Temp
End
*****************

HKU\S-1-5-21-1079278214-4177205842-2949168543-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value not found.
HKU\S-1-5-21-1079278214-4177205842-2949168543-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{812379e1-da07-11e5-8c5e-806e6f6e6963} => key not found.
HKCR\CLSID\{812379e1-da07-11e5-8c5e-806e6f6e6963} => key not found.
HKU\S-1-5-21-1079278214-4177205842-2949168543-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{81237a0d-da07-11e5-8c5e-d8cb8a6ebe52} => key not found.
HKCR\CLSID\{81237a0d-da07-11e5-8c5e-d8cb8a6ebe52} => key not found.
"C:\Windows\system32\GroupPolicy\Machine" => not found.
HKLM\SOFTWARE\Policies\Google => key not found.
HKU\S-1-5-21-1079278214-4177205842-2949168543-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-21-1079278214-4177205842-2949168543-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
"C:\Program Files (x86)\Google\Google Toolbar" => not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
HKU\S-1-5-21-1079278214-4177205842-2949168543-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value not found.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job" => not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job" => not found.
"C:\Users\hornettlon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini" => not found.

"C:\Users\hornettlon\AppData\Local\Temp" folder move:

Could not move "C:\Users\hornettlon\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-02-26 20:03:01)

C:\Users\hornettlon\AppData\Local\Temp => moved successfully

==== End of Fixlog 20:03:01 ====

[Rudy]

OK. Nastala nějaká změna?

[ondli]

Bohužel nenastala.. reklama pořád vyskakuje... už se pomalu smiřuji s reinstalací systému...

[Rudy]

Neházejme ještě flintu do žita. Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic neamžte.

[ondli]

nic jsem nemazal a neupravoval...

xf-adsk64.exe je cd-key j programu co jsem včera instaloval...

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 28.2.2016
Čas skenování: 17:15
Protokol:
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.02.28.03
Databáze rootkitů: v2016.02.27.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: hornettlon

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 341422
Uplynulý čas: 9 min, 7 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 1
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-1079278214-4177205842-2949168543-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl, http://stop-block.org/wpad.dat?010607fc ... e4d6551400, , [829196d0d5c440f633852b42e91bec14]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 3
RiskWare.Tool.HCK, C:\Users\hornettlon\Desktop\xf-adsk64.exe, , [ba5997cf4e4bdc5af85d868233cefa06],
PUP.Optional.AdOffer, C:\Users\hornettlon\AppData\Local\Temp\bitool.dll, , [a86b3b2b0e8bd4620e66d37833cf29d7],
PUP.Optional.Somoto, C:\Users\hornettlon\AppData\Local\Temp\nspEDFB.tmp, , [a37083e36930340236ae42adcc35d22e],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Rudy]

Všechny nalezené položky smažte.

[ondli]

Smazal jsem, restartoval a nepomohlo to pořád reklamy skáčou...

[Rudy]

Zkuste ještě tyto skeny:

1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

[ondli]

Provedeno:

ZOEK:

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by hornettlon on po 29.02.2016 at 15:46:42,28.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\hornettlon\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

29.2.2016 15:48:13 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Program Files\Google deleted successfully
C:\PROGRA~3\ALM deleted successfully
C:\Users\hornettlon\AppData\Roaming\602XML deleted successfully
C:\Users\hornettlon\AppData\Roaming\Opera Software deleted successfully
C:\Users\hornettlon\AppData\Roaming\Publish Providers deleted successfully
C:\Users\hornettlon\AppData\Roaming\WinRAR deleted successfully
C:\Users\hornettlon\AppData\Local\GHISLER deleted successfully
C:\Users\hornettlon\AppData\Local\Opera Software deleted successfully
C:\Users\hornettlon\AppData\Local\PDFCreator deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\pdf_architect_4_conv@pdfarchitect.org deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\SamsungPrinterLiveUpdateInstaller deleted
C:\Prefs.js deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\hornettlon\AppData\Local\MSGBOX.EXE deleted
C:\Users\hornettlon\AppData\Local\cache deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\LavasoftTcpService deleted
C:\Windows\wininit.ini deleted

==== Orphaned Tasks deleted from Registry ======================

avast Emergency Update deleted
Opera N deleted
Opera N Sunday deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [06.02.2016 21:02]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [06.02.2016 21:02]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[06.02.2016 21:01]

Photo Zoom for Facebook - hornettlon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elioihkkcdgakfbahdoddophfngopipi
Avast Online Security - hornettlon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchT ... urceid=ie7
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchT ... urceid=ie7
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - No_Url_Value
HKCU\SearchScopes\{85A60A59-D3D8-468F-B598-FB4393789EF4} - https://www.google.com/search?q={searchTerms}

==== Reset Google Chrome ======================

C:\Users\hornettlon\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\hornettlon\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\hornettlon\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\hornettlon\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CDAServer deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\hornettlon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\hornettlon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\hornettlon\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=67 folders=36 18066602 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\hornettlon\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\HORNET~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 29.02.2016 at 16:16:32,32 ======================




JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Windows 7 Professional x64
Ran by hornettlon (Administrator) on po 29.02.2016 at 16:18:34,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Failed to delete: C:\ProgramData\pdfforge (Folder)



Registry: 5

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{85A60A59-D3D8-468F-B598-FB4393789EF4} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38279E1A-7019-40C1-B579-E99DFB3312E8} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38279E1A-7019-40C1-B579-E99DFB3312E8} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 29.02.2016 at 16:20:20,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Dávám to sem hned po "testu" tak netuším jak to dopadlo...

[Rudy]

Jak to vypadá nyní?

[ondli]

Vypadá to že to je v pořádku... děkuji moc... už jsem skoro nevěřil...