Mám tu notebook co při přístupu k emailu na Seznamu otevře stránku se žádostí o změnu hesla a instalací aplikace na mobilní telefon. Prosím o kontrolu logu.
Díky
Petr
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:16-04-2016 01
Ran by Admin (administrator) on ADMIN-PC (17-04-2016 11:07:24)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun] => C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [264792 2011-01-26] (Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1934632 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-04-05] (AVAST Software)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-14] (Adobe Systems Incorporated)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-967406737-3052991210-2011929142-1000\...\Run: [Dropbox Update] => C:\Users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-23] (Dropbox, Inc.)
HKU\S-1-5-21-967406737-3052991210-2011929142-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Admin\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-967406737-3052991210-2011929142-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Admin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-967406737-3052991210-2011929142-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-04-05] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{02F8AAD9-9607-4D5B-AAA5-01CAAC6498E6}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0861B500-9FAF-46A2-BDD8-FB02258CDB69}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{F6660737-13E4-42A4-A9BD-4CC3C4ECC458}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-967406737-3052991210-2011929142-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-967406737-3052991210-2011929142-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-967406737-3052991210-2011929142-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2448} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=275&systemid=448&v=n15946-680&apn_uid=2516421311374351&apn_dtid=TCH001&o=APN10648&apn_ptnrs=AGI&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-967406737-3052991210-2011929142-1000 -> {32502C8E-C340-476C-9EE8-E115A910ED6B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-967406737-3052991210-2011929142-1000 -> {3FA23E8A-85B2-4C26-824D-AF2C56D13F24} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-967406737-3052991210-2011929142-1000 -> {402A58D2-0C64-4CDC-A49B-C22BE4A397E4} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-967406737-3052991210-2011929142-1000 -> {4449ABD9-BBD5-47D9-98B4-32A01548D030} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-967406737-3052991210-2011929142-1000 -> {78B47CB4-B706-4CAC-B828-29E9070C92A2} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-967406737-3052991210-2011929142-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2448} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=275&systemid=448&v=n15946-680&apn_uid=2516421311374351&apn_dtid=TCH001&o=APN10648&apn_ptnrs=AGI&q={searchTerms}
SearchScopes: HKU\S-1-5-21-967406737-3052991210-2011929142-1000 -> {A2E93FC0-5A17-4A0E-B1B9-2259DC1F9F86} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-967406737-3052991210-2011929142-1000 -> {ABF49790-3104-4490-A3CA-8E6B4969548C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-967406737-3052991210-2011929142-1000 -> {B89D725D-83A9-4707-A1DE-8044A98E9AC4} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-967406737-3052991210-2011929142-1000 -> {C60E0F73-48C5-4BE9-8EC9-1A25543FFAAE} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-05] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yqsb9dn3.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-24] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files\Sony\Media Go\npmediago.dll [2013-02-14] (Sony Network Entertainment International LLC)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-967406737-3052991210-2011929142-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Admin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Extension: Pin It button - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yqsb9dn3.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2015-11-30]
FF Extension: Seznam lištička - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yqsb9dn3.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-03-28]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-04-05]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-04-05]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP"
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Seznam Lištička - Email) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-04-17]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-03-23]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-09]
CHR Extension: (Vyhledávání Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-09]
CHR Extension: (Avast SafePrice) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-04-17]
CHR Extension: (No Name) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-23]
CHR Extension: (Avast Online Security) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-17]
CHR Extension: (Skype Click to Call) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-04-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-09]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-03-23]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-02]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-04-05]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-05]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-04-05] (AVAST Software)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [46680 2011-01-14] (Alcor Micro, Corp.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [32792 2016-04-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91168 2016-04-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-04-05] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [58776 2016-04-05] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [816304 2016-04-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447848 2016-04-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [127432 2016-04-05] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [221240 2016-04-05] (AVAST Software)
S3 GT680x; C:\Windows\System32\Drivers\gt680x.sys [17504 2003-02-21] ( )
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x86.sys [68208 2011-04-19] (Atheros Communications, Inc.)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
S3 catchme; \??\C:\Users\Admin\AppData\Local\Temp\catchme.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-17 11:07 - 2016-04-17 11:07 - 00016197 _____ C:\Users\Admin\Desktop\FRST.txt
2016-04-17 11:06 - 2016-04-17 11:07 - 00000000 ____D C:\FRST
2016-04-17 11:05 - 2016-04-17 10:45 - 01726464 _____ (Farbar) C:\Users\Admin\Desktop\FRST.exe
2016-04-17 10:58 - 2016-04-17 10:58 - 00112640 _____ (forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
2016-04-05 21:39 - 2016-04-05 21:39 - 00002081 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-04-05 21:39 - 2016-04-05 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-04-05 21:38 - 2016-04-05 20:38 - 00334280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-04-05 20:38 - 2016-04-05 20:38 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-04-05 20:37 - 2016-04-05 20:37 - 00294816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2016-04-04 21:34 - 2016-04-05 20:06 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-20 10:46 - 2016-04-06 14:28 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Seznam.cz
2016-03-20 10:46 - 2016-03-26 20:34 - 00000000 ____D C:\Users\Admin\Documents\pyramidak
2016-03-20 10:46 - 2016-03-20 10:46 - 00000000 ____D C:\Users\Admin\AppData\Roaming\pyramidak
2016-03-20 10:46 - 2016-03-20 10:46 - 00000000 ____D C:\Program Files\Seznam.cz
2016-03-20 10:45 - 2016-03-20 10:45 - 00002059 _____ C:\Users\Admin\Desktop\Kalendář.lnk
2016-03-20 10:45 - 2016-03-20 10:45 - 00000000 ____D C:\Program Files\pyramidak
2016-03-20 10:44 - 2016-03-20 10:45 - 08162080 _____ C:\Users\Admin\Downloads\InstKalendar.exe
2016-03-20 10:24 - 2016-03-20 10:24 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-17 11:07 - 2012-10-24 10:24 - 01582262 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-17 11:07 - 2009-07-14 10:37 - 00668376 _____ C:\Windows\system32\perfh005.dat
2016-04-17 11:07 - 2009-07-14 10:37 - 00141004 _____ C:\Windows\system32\perfc005.dat
2016-04-17 11:07 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-04-17 11:00 - 2009-07-14 06:34 - 00015168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-17 11:00 - 2009-07-14 06:34 - 00015168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-17 10:51 - 2015-06-23 20:09 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-967406737-3052991210-2011929142-1000Core.job
2016-04-17 10:50 - 2012-12-19 15:37 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967406737-3052991210-2011929142-1000Core.job
2016-04-17 10:44 - 2015-06-23 20:09 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-967406737-3052991210-2011929142-1000UA.job
2016-04-17 10:44 - 2013-07-22 13:24 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-17 10:44 - 2012-12-19 15:37 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967406737-3052991210-2011929142-1000UA.job
2016-04-17 10:44 - 2012-12-15 11:43 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-06 14:21 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-05 21:40 - 2015-01-19 18:20 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-05 21:39 - 2015-01-19 20:54 - 00816304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-04-05 21:39 - 2015-01-19 20:54 - 00091168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2016-04-05 21:38 - 2015-01-19 20:54 - 00447848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-04-05 21:38 - 2015-01-19 20:54 - 00221240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-04-05 20:38 - 2015-01-19 20:54 - 00127432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-04-05 20:38 - 2015-01-19 20:54 - 00091232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-04-05 20:38 - 2015-01-19 20:54 - 00058776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-04-05 20:38 - 2015-01-19 20:54 - 00032792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-04-05 20:38 - 2015-01-19 20:51 - 00000000 ____D C:\Program Files\AVAST Software
2016-04-05 20:29 - 2015-11-29 11:15 - 00000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics
2016-04-05 20:06 - 2012-10-26 21:11 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-04-05 19:53 - 2014-10-09 20:13 - 00001030 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-04-01 13:12 - 2012-12-21 13:08 - 00000000 ___RD C:\Users\Admin\Desktop\ENERGIE našeho domu
2016-03-30 20:23 - 2013-07-22 13:25 - 00002147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-30 20:23 - 2013-07-22 13:25 - 00002135 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-29 19:40 - 2015-04-28 19:26 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-24 21:44 - 2012-10-24 15:07 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-03-24 21:44 - 2012-10-24 15:07 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-03-23 09:59 - 2009-07-14 06:33 - 00335848 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-23 09:57 - 2015-04-28 19:26 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-23 09:33 - 2015-01-20 17:41 - 00000000 ____D C:\Windows\system32\MRT
2016-03-22 21:30 - 2015-01-20 17:41 - 141270216 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-20 10:24 - 2014-08-28 20:56 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Dropbox
2016-03-19 14:58 - 2012-12-14 10:31 - 00013728 _____ C:\Users\Admin\Desktop\Podnájem byt Americká.xlsx
==================== Files in the root of some directories =======
2013-03-02 19:14 - 2013-03-02 19:14 - 0003584 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Files to move or delete:
====================
C:\Users\Admin\winamp5623_full_emusic-7plus_all.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-967406737-3052991210-2011929142-1000Core.job => C:\Users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-967406737-3052991210-2011929142-1000UA.job => C:\Users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967406737-3052991210-2011929142-1000Core.job => C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967406737-3052991210-2011929142-1000UA.job => C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Admin\Desktop" je 1834 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Email Seznam chce instalovat aplikaci na ověření
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Email Seznam chce instalovat aplikaci na ověření
- Přílohy
-
- Addition.zip
- (4.98 KiB) Staženo 94 x
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Email Seznam chce instalovat aplikaci na ověření
Zdravím!
Proveďte následující skeny:
1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Proveďte následující skeny:
1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Email Seznam chce instalovat aplikaci na ověření
Díky.
Výsledky ZOEK...
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Admin on ne 17.04.2016 at 11:44:17,31.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Admin\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
17.4.2016 11:45:32 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\Program Files\Sony Ericsson deleted successfully
C:\Program Files\Winamp deleted successfully
C:\PROGRA~2\Sony Ericsson deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-967406737-3052991210-2011929142-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2448} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2448} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yqsb9dn3.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz/");
user_pref("browser.search.selectedEngine", "Bing ");
user_pref("keyword.URL", "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q=");
Added to C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yqsb9dn3.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
C:\Program Files\Sony Ericsson not found
C:\Program Files\Winamp not found
C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted
C:\Users\Admin\AppData\Local\torchimeshmoviestoolbar deleted
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yqsb9dn3.default\jetpack deleted
C:\Users\Admin\winamp5623_full_emusic-7plus_all.exe deleted
==== Orphaned Tasks deleted from Registry ======================
avast Emergency Update deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yqsb9dn3.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [05.04.2016 21:41]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yqsb9dn3.default
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Pin It button - %ProfilePath%\extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi
AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yqsb9dn3.default
6EB985F553B9B45633348B8C8A5849C1 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
A419F8F86D7DF773D4793D2808F88A0D - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
9F9E2E37C8455FCC7E2716E3AFD3EF88 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
AF8A94BCB98C299C49B28CC12EBC0ED2 - C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll - Google Update
BC14E71CDF13C6AE8C1250F1CA129822 - C:\Program Files\Sony\Media Go\npmediago.dll - Media Go Detector
1B743D5B6FD001660FAB17DD7C347A38 - C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll - Silverlight Plug-In
7C67580DFE143EF19E7418B0F054B5F6 - C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_197.dll - Shockwave Flash
3CD19649B2C3023D65E67C056457A2BC - C:\Users\Admin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
4F3F6B17B4A5BDB68B3CB0367A2C214E - C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrlui.dll - Microsoft® Silverlight
==== Chromium Look ======================
Google Chrome Version: 46.0.2490.86
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[05.04.2016 20:38]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[05.04.2016 20:38]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14.07.2014 18:22]
Seznam Lištička - Email - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam LištiÄŤka - SlovnĂk - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Avast SafePrice - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Avast Online Security - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Skype Click to Call - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Seznam Lištička - Rychlá volba - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
Search Extension by Ask v2 - Admin\AppData\Local\Torch\User Data\Default\Extensions\aaaaafeopjhkcolncjbedbhofpocmdbn
Ask Toolbar - Admin\AppData\Local\Torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne
ThemeBeta.com - Admin\AppData\Local\Torch\User Data\Default\Extensions\bokadokfjkloipfpomljajlhcncgejoc
DropToS - Admin\AppData\Local\Torch\User Data\Default\Extensions\cipmepknanmbbaneimacddfemfbfgpgo
Torch New Tab - Admin\AppData\Local\Torch\User Data\Default\Extensions\dipchieogpecpggdacaaffcjemkggfbi
Torch Games - Admin\AppData\Local\Torch\User Data\Default\Extensions\elnodfjhjgpnmdhklbfeijeaehcgffnp
Avast SafePrice - Admin\AppData\Local\Torch\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Torch Music - Admin\AppData\Local\Torch\User Data\Default\Extensions\gcjbdjlojcomlphfchhihkigepfabcad
Avast Online Security - Admin\AppData\Local\Torch\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Torch Games - Admin\AppData\Local\Torch\User Data\Default\Extensions\khkmhmmjbfailffpaicjgedkpboookjk
Skype Click to Call - Admin\AppData\Local\Torch\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Torch Torrent - Admin\AppData\Local\Torch\User Data\Default\Extensions\mpdmibcjecdaibcnlilhiopefjgegjjc
Torch Music - Admin\AppData\Local\Torch\User Data\Default\Extensions\ohimbkoaphfnmekmfppijeblmkncneed
==== Chromium Startpages ======================
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Preferences
"homepage": "http://home.torchbrowser.com",
"startup_urls": [ "http://home.torchbrowser.com" ]
==== Chromium Fix ======================
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Extensions\dipchieogpecpggdacaaffcjemkggfbi deleted successfully
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Local Storage\chrome-extension_dipchieogpecpggdacaaffcjemkggfbi_0.localstorage deleted successfully
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Local Storage\chrome-extension_dipchieogpecpggdacaaffcjemkggfbi_0.localstorage-journal deleted successfully
C:\Users\Admin\AppData\Local\Torch\User Data\Default\databases\chrome-extension_dipchieogpecpggdacaaffcjemkggfbi_0 deleted successfully
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne deleted successfully
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Extensions\aaaaafeopjhkcolncjbedbhofpocmdbn deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02
HKCU\SearchScopes\{32502C8E-C340-476C-9EE8-E115A910ED6B} - http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
HKCU\SearchScopes\{3FA23E8A-85B2-4C26-824D-AF2C56D13F24} - http://www.mapy.cz/?query={searchTerms} ... arch_12454
HKCU\SearchScopes\{402A58D2-0C64-4CDC-A49B-C22BE4A397E4} - http://search.seznam.cz/?q={searchTerms ... arch_12454
HKCU\SearchScopes\{4449ABD9-BBD5-47D9-98B4-32A01548D030} - http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
HKCU\SearchScopes\{78B47CB4-B706-4CAC-B828-29E9070C92A2} - http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
HKCU\SearchScopes\{A2E93FC0-5A17-4A0E-B1B9-2259DC1F9F86} - http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
HKCU\SearchScopes\{ABF49790-3104-4490-A3CA-8E6B4969548C} - http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
HKCU\SearchScopes\{B89D725D-83A9-4707-A1DE-8044A98E9AC4} - http://www.novinky.cz/hledej?w={searchT ... arch_12454
HKCU\SearchScopes\{C60E0F73-48C5-4BE9-8EC9-1A25543FFAAE} - http://encyklopedie.seznam.cz/search?q= ... arch_12454
==== Reset Google Chrome ======================
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Preferences was reset successfully
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Secure Preferences was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Web Data was reset successfully
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Web Data-journal was reset successfully
==== Empty IE Cache ======================
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yqsb9dn3.default\cache2 emptied successfully
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yqsb9dn3.default\storage\default\https+++www.pinterest.com\cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=417 folders=174 44135246 bytes)
==== Empty Temp Folders ======================
C:\Users\Admin\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Admin\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on ne 17.04.2016 at 12:08:31,73 ======================
a výsledky JRT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 7 Professional x86
Ran by Admin (Administrator) on ne 17.04.2016 at 12:11:13,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 10
Failed to delete: C:\Users\Admin\AppData\Local\torch (Folder)
Successfully deleted: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Folder)
Successfully deleted: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd (Folder)
Successfully deleted: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Folder)
Successfully deleted: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bgjpfhpjcgdppjbgnpnjllokbmcdllig_0.localstorage-journal (File)
Successfully deleted: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bgjpfhpjcgdppjbgnpnjllokbmcdllig_0.localstorage (File)
Successfully deleted: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_blmojkbhnkkphngknkmgccmlenfaelkd_0.localstorage-journal (File)
Successfully deleted: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_blmojkbhnkkphngknkmgccmlenfaelkd_0.localstorage (File)
Successfully deleted: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olfeabkoenfaoljndfecamgilllcpiak_0.localstorage-journal (File)
Successfully deleted: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olfeabkoenfaoljndfecamgilllcpiak_0.localstorage (File)
Registry: 2
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{402A58D2-0C64-4CDC-A49B-C22BE4A397E4} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 17.04.2016 at 12:14:50,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Výsledky ZOEK...
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Admin on ne 17.04.2016 at 11:44:17,31.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Admin\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
17.4.2016 11:45:32 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\Program Files\Sony Ericsson deleted successfully
C:\Program Files\Winamp deleted successfully
C:\PROGRA~2\Sony Ericsson deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-967406737-3052991210-2011929142-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2448} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2448} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yqsb9dn3.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz/");
user_pref("browser.search.selectedEngine", "Bing ");
user_pref("keyword.URL", "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q=");
Added to C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yqsb9dn3.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
C:\Program Files\Sony Ericsson not found
C:\Program Files\Winamp not found
C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted
C:\Users\Admin\AppData\Local\torchimeshmoviestoolbar deleted
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yqsb9dn3.default\jetpack deleted
C:\Users\Admin\winamp5623_full_emusic-7plus_all.exe deleted
==== Orphaned Tasks deleted from Registry ======================
avast Emergency Update deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yqsb9dn3.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [05.04.2016 21:41]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yqsb9dn3.default
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Pin It button - %ProfilePath%\extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi
AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yqsb9dn3.default
6EB985F553B9B45633348B8C8A5849C1 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
A419F8F86D7DF773D4793D2808F88A0D - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
9F9E2E37C8455FCC7E2716E3AFD3EF88 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
AF8A94BCB98C299C49B28CC12EBC0ED2 - C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll - Google Update
BC14E71CDF13C6AE8C1250F1CA129822 - C:\Program Files\Sony\Media Go\npmediago.dll - Media Go Detector
1B743D5B6FD001660FAB17DD7C347A38 - C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll - Silverlight Plug-In
7C67580DFE143EF19E7418B0F054B5F6 - C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_197.dll - Shockwave Flash
3CD19649B2C3023D65E67C056457A2BC - C:\Users\Admin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
4F3F6B17B4A5BDB68B3CB0367A2C214E - C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrlui.dll - Microsoft® Silverlight
==== Chromium Look ======================
Google Chrome Version: 46.0.2490.86
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[05.04.2016 20:38]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[05.04.2016 20:38]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14.07.2014 18:22]
Seznam Lištička - Email - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam LištiÄŤka - SlovnĂk - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Avast SafePrice - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Avast Online Security - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Skype Click to Call - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Seznam Lištička - Rychlá volba - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
Search Extension by Ask v2 - Admin\AppData\Local\Torch\User Data\Default\Extensions\aaaaafeopjhkcolncjbedbhofpocmdbn
Ask Toolbar - Admin\AppData\Local\Torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne
ThemeBeta.com - Admin\AppData\Local\Torch\User Data\Default\Extensions\bokadokfjkloipfpomljajlhcncgejoc
DropToS - Admin\AppData\Local\Torch\User Data\Default\Extensions\cipmepknanmbbaneimacddfemfbfgpgo
Torch New Tab - Admin\AppData\Local\Torch\User Data\Default\Extensions\dipchieogpecpggdacaaffcjemkggfbi
Torch Games - Admin\AppData\Local\Torch\User Data\Default\Extensions\elnodfjhjgpnmdhklbfeijeaehcgffnp
Avast SafePrice - Admin\AppData\Local\Torch\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Torch Music - Admin\AppData\Local\Torch\User Data\Default\Extensions\gcjbdjlojcomlphfchhihkigepfabcad
Avast Online Security - Admin\AppData\Local\Torch\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Torch Games - Admin\AppData\Local\Torch\User Data\Default\Extensions\khkmhmmjbfailffpaicjgedkpboookjk
Skype Click to Call - Admin\AppData\Local\Torch\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Torch Torrent - Admin\AppData\Local\Torch\User Data\Default\Extensions\mpdmibcjecdaibcnlilhiopefjgegjjc
Torch Music - Admin\AppData\Local\Torch\User Data\Default\Extensions\ohimbkoaphfnmekmfppijeblmkncneed
==== Chromium Startpages ======================
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Preferences
"homepage": "http://home.torchbrowser.com",
"startup_urls": [ "http://home.torchbrowser.com" ]
==== Chromium Fix ======================
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Extensions\dipchieogpecpggdacaaffcjemkggfbi deleted successfully
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Local Storage\chrome-extension_dipchieogpecpggdacaaffcjemkggfbi_0.localstorage deleted successfully
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Local Storage\chrome-extension_dipchieogpecpggdacaaffcjemkggfbi_0.localstorage-journal deleted successfully
C:\Users\Admin\AppData\Local\Torch\User Data\Default\databases\chrome-extension_dipchieogpecpggdacaaffcjemkggfbi_0 deleted successfully
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne deleted successfully
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Extensions\aaaaafeopjhkcolncjbedbhofpocmdbn deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02
HKCU\SearchScopes\{32502C8E-C340-476C-9EE8-E115A910ED6B} - http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
HKCU\SearchScopes\{3FA23E8A-85B2-4C26-824D-AF2C56D13F24} - http://www.mapy.cz/?query={searchTerms} ... arch_12454
HKCU\SearchScopes\{402A58D2-0C64-4CDC-A49B-C22BE4A397E4} - http://search.seznam.cz/?q={searchTerms ... arch_12454
HKCU\SearchScopes\{4449ABD9-BBD5-47D9-98B4-32A01548D030} - http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
HKCU\SearchScopes\{78B47CB4-B706-4CAC-B828-29E9070C92A2} - http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
HKCU\SearchScopes\{A2E93FC0-5A17-4A0E-B1B9-2259DC1F9F86} - http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
HKCU\SearchScopes\{ABF49790-3104-4490-A3CA-8E6B4969548C} - http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
HKCU\SearchScopes\{B89D725D-83A9-4707-A1DE-8044A98E9AC4} - http://www.novinky.cz/hledej?w={searchT ... arch_12454
HKCU\SearchScopes\{C60E0F73-48C5-4BE9-8EC9-1A25543FFAAE} - http://encyklopedie.seznam.cz/search?q= ... arch_12454
==== Reset Google Chrome ======================
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Preferences was reset successfully
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Secure Preferences was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Web Data was reset successfully
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Web Data-journal was reset successfully
==== Empty IE Cache ======================
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yqsb9dn3.default\cache2 emptied successfully
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yqsb9dn3.default\storage\default\https+++www.pinterest.com\cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Admin\AppData\Local\Torch\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=417 folders=174 44135246 bytes)
==== Empty Temp Folders ======================
C:\Users\Admin\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Admin\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on ne 17.04.2016 at 12:08:31,73 ======================
a výsledky JRT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 7 Professional x86
Ran by Admin (Administrator) on ne 17.04.2016 at 12:11:13,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 10
Failed to delete: C:\Users\Admin\AppData\Local\torch (Folder)
Successfully deleted: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Folder)
Successfully deleted: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd (Folder)
Successfully deleted: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Folder)
Successfully deleted: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bgjpfhpjcgdppjbgnpnjllokbmcdllig_0.localstorage-journal (File)
Successfully deleted: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bgjpfhpjcgdppjbgnpnjllokbmcdllig_0.localstorage (File)
Successfully deleted: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_blmojkbhnkkphngknkmgccmlenfaelkd_0.localstorage-journal (File)
Successfully deleted: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_blmojkbhnkkphngknkmgccmlenfaelkd_0.localstorage (File)
Successfully deleted: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olfeabkoenfaoljndfecamgilllcpiak_0.localstorage-journal (File)
Successfully deleted: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olfeabkoenfaoljndfecamgilllcpiak_0.localstorage (File)
Registry: 2
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{402A58D2-0C64-4CDC-A49B-C22BE4A397E4} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 17.04.2016 at 12:14:50,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Email Seznam chce instalovat aplikaci na ověření
Změnilo se něco nyní?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Email Seznam chce instalovat aplikaci na ověření
Změnilo. Už se otevře Seznam email jako normálně. Děkuju.
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Email Seznam chce instalovat aplikaci na ověření
OK a nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?