Zdravím, mám v počítači nějaký problém, který antivir Microsoft Security Essentials nenalezl. Když prohlížím jakékoliv stránky na internetu přes IE, tak vyskakuje reklama bestadbid v novém okně. To stejné se děje i při prohlížení v Google Chrome, ovšem tam mám zapnutý ADBlock, takže reklama se ihned zavře. Přikládám log FRST:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-06-2014
Ran by Sylva (administrator) on SYLVA-PC on 08-06-2014 17:19:45
Running from C:\Users\Sylva\Desktop\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Users\Sylva\AppData\Local\f4854413752793fb3b2b4b111f01418e\CodecPathSDK.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
() C:\Program Files (x86)\Pirrit\AutoUpdater.exe
(Tunngle.net GmbH) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
() C:\Program Files (x86)\WinRST\WinRST.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(SlySoft, Inc.) C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Users\Sylva\AppData\Local\f4854413752793fb3b2b4b111f01418e\GNUGammaOS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11474024 2010-10-05] (Realtek Semiconductor)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-02-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-30] (SlySoft, Inc.)
HKU\S-1-5-21-3667430092-2908953777-461473442-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-11-15] ()
HKU\S-1-5-21-3667430092-2908953777-461473442-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-08-25] (AMD)
HKU\S-1-5-21-3667430092-2908953777-461473442-1000\...\Run: [GoogleChromeAutoLaunch_7472D2282A9AD5FE2D061499B8CFC4CC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-05-14] (Google Inc.)
HKU\S-1-5-21-3667430092-2908953777-461473442-1000\...\Policies\Explorer: [NoInstrumentation] 0
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:34790
HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: HKLM-x32 - BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT1750559
SearchScopes: HKCU - DefaultScope {F9A4EC8E-DCA5-46F4-94EF-1FE8D56378F4} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {F9A4EC8E-DCA5-46F4-94EF-1FE8D56378F4} URL = https://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No File
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: HistoryTriggerBHO Class - {21A88CB9-84D2-4020-A2D1-B25A21034884} - No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No File
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - No File
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: IEExtension.Extension - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - No File
BHO-x32: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM-x32 - BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
Toolbar: HKLM-x32 - No Name - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File
Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
Toolbar: HKCU - No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/stati ... 0.66.2.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL No File
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll No File
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 213.46.172.46 213.46.172.37
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Sylva\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: electronicarts.com/GameFacePlugin - C:\Users\Sylva\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-05-21]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [{58bd07eb-0ee0-4df0-8121-dc9b693373df}] - C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
Chrome:
=======
CHR HomePage:
CHR StartupUrls: "", "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP", "hxxp://www.search.ask.com/?o=APN11459&gct=hp&d ... 70-312&t=4", "hxxp://mysearch.avg.com?cid={63F23CF6-37C4-408E-8592-9137661D5BB6}&mid=5481a4a0ff6247d2815e3e546529c21c-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-25 22:42:44&v=18.0.5.292&pid=safeguard&sg=&sap=hp", "|hxxp://www.msn.com/?pc=UP97&ocid={63F23CF6-37C ... 2014-04-25 22:42:44&v=18.0.5.292&pid=safeguard&sg=&sap=hp", "hxxp://mysearch.avg.com?cid={63F23CF6-37C4-408E-8592-9137661D5BB6}&mid=5481a4a0ff6247d2815e3e546529c21c-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-25 22:42:44&v=18.1.0.443&pid=safeguard&sg=&sap=hp", "hxxp://mysearch.avg.com?cid={63F23CF6-37C4-408E-8592-9137661D5BB6}&mid=5481a4a0ff6247d2815e3e546529c21c-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-25 22:42:44&v=18.1.5.512&pid=safeguard&sg=&sap=hp"
CHR Extension: (Dokumenty Google) - C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-30]
CHR Extension: (Disk Google) - C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-30]
CHR Extension: (YouTube) - C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-30]
CHR Extension: (Vyhledávání Google) - C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-30]
CHR Extension: (AdBlock) - C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-07]
CHR Extension: (Skype Click to Call) - C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-10-30]
CHR Extension: (AVG Secure Search) - C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-05-10]
CHR Extension: (Peněženka Google) - C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-20]
CHR Extension: (Instagram for Chrome) - C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2014-01-22]
CHR Extension: (Gmail) - C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-30]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Sylva\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-12-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-01-31]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\Sylva\AppData\Local\Temp\YontooLayers.crx [2013-01-31]
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx [2013-01-31]
==================== Services (Whitelisted) =================
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2266296 2014-05-16] (Microsoft Corporation)
R2 CodecPathSDK.exe; C:\Users\Sylva\AppData\Local\f4854413752793fb3b2b4b111f01418e\CodecPathSDK.exe [110592 2014-06-03] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PirritUpdater; C:\Program Files (x86)\Pirrit\AutoUpdater.exe [59904 2014-02-20] ()
R2 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [685816 2010-02-13] (Tunngle.net GmbH)
R2 WinRST; C:\Program Files (x86)\WinRST\WinRST.exe [59904 2014-02-26] ()
S2 74036d6ac0a9485.exe; C:\Users\Sylva\AppData\Local\197f6067d7dc3defd0276d916ec69be7\74036d6ac0a9485.exe [X]
S2 a1d98c6ce829d82.exe; C:\Users\Sylva\AppData\Local\25f1b30be79c03e6453be5e7d8d8fcdd\a1d98c6ce829d82.exe [X]
S3 Adobe LM Service; "C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe" [X]
S2 avgfws; "C:\Program Files (x86)\AVG\AVG2013\avgfws.exe" [X]
S2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe" [X]
S2 avgwd; "C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe" [X]
S2 Browser Manager; C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [X]
S2 cb32ee736293399.exe; C:\Users\Sylva\AppData\Local\96504deb1005a2eb231907d2e8ddd0b2\cb32ee736293399.exe [X]
S3 fsssvc; "C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe" [X]
S2 NAUpdate; "C:\Program Files (x86)\Nero\Update\NASvc.exe" [X]
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService [X]
S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [X]
==================== Drivers (Whitelisted) ====================
S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2010-12-07] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2010-12-07] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2010-12-07] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2010-12-07] (LG Electronics Inc.)
S3 androidusb; C:\Windows\System32\Drivers\lgandadb.sys [31744 2010-08-02] (Google Inc)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-08-08] (DT Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-04-22] (EnTech Taiwan)
S3 ENTECH64; C:\Windows\SysWOW64\DRIVERS\ENTECH64.sys [5632 2004-06-22] (EnTech Taiwan)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 RegFltrX64; C:\Users\Sylva\AppData\Local\f4854413752793fb3b2b4b111f01418e\RegFltrX64.sys [18064 2014-06-03] ()
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]
U4 RDSessMgr;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-08 17:19 - 2014-06-08 17:19 - 00000000 ____D () C:\FRST
2014-06-04 22:27 - 2014-06-04 22:27 - 00000000 ____D () C:\Users\Sylva\AppData\Local\f4854413752793fb3b2b4b111f01418e
2014-06-03 22:01 - 2014-06-03 22:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-06-03 22:00 - 2014-06-03 22:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-06-03 22:00 - 2014-06-03 22:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-13 22:03 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-13 22:03 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-13 22:03 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-13 22:03 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-13 22:03 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-13 22:03 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-13 21:19 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-13 21:19 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-13 21:19 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-13 21:19 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-13 21:18 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-13 21:18 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-13 21:18 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-13 21:18 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-13 21:18 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-13 21:18 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-13 21:18 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-13 21:18 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-13 21:18 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-13 21:18 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-13 21:18 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-13 21:18 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-13 21:18 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-13 21:18 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-13 21:18 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-13 21:18 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-13 21:18 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-13 21:18 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-13 21:18 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-13 21:18 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-13 21:18 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-13 21:18 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-13 21:18 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-13 21:18 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-13 21:18 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-13 21:18 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-13 21:18 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-13 21:18 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-13 21:18 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-13 21:18 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-13 21:18 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-13 21:18 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-13 21:18 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-13 21:18 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-13 21:18 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-13 21:18 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-13 21:18 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-13 21:18 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-13 21:18 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-13 21:18 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-13 21:18 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
==================== One Month Modified Files and Folders =======
2014-06-08 17:20 - 2011-06-07 17:13 - 00000000 ____D () C:\Users\Sylva\AppData\Local\Temp
2014-06-08 17:19 - 2014-06-08 17:19 - 00000000 ____D () C:\FRST
2014-06-08 16:44 - 2012-09-16 19:26 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-08 16:27 - 2011-06-07 18:57 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-08 15:48 - 2012-01-10 18:16 - 00000982 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000UA.job
2014-06-08 12:17 - 2011-11-17 20:18 - 00000000 ____D () C:\Users\Sylva\AppData\Local\PMB Files
2014-06-08 11:58 - 2013-11-03 12:33 - 00004974 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Sylva-PC-Sylva Sylva-PC
2014-06-08 11:55 - 2009-07-14 06:45 - 00015344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-08 11:55 - 2009-07-14 06:45 - 00015344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-08 11:51 - 2011-06-01 14:58 - 01486274 _____ () C:\Windows\WindowsUpdate.log
2014-06-08 11:47 - 2014-03-16 19:49 - 00008340 _____ () C:\Windows\setupact.log
2014-06-08 11:47 - 2011-06-07 18:57 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-08 11:47 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-08 05:47 - 2011-09-15 08:23 - 00000000 _____ () C:\Windows\SysWOW64\Access.dat
2014-06-08 03:48 - 2012-01-10 18:16 - 00000960 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000Core.job
2014-06-04 22:27 - 2014-06-04 22:27 - 00000000 ____D () C:\Users\Sylva\AppData\Local\f4854413752793fb3b2b4b111f01418e
2014-06-04 14:57 - 2011-07-07 17:29 - 00000000 ____D () C:\Users\Sylva\AppData\Roaming\Skype
2014-06-04 14:57 - 2011-07-07 17:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-04 14:56 - 2013-05-21 09:03 - 00000000 ____D () C:\ProgramData\Skype
2014-06-03 22:01 - 2014-06-03 22:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-06-03 22:00 - 2014-06-03 22:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-06-03 22:00 - 2014-06-03 22:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-06-02 19:32 - 2009-07-14 17:18 - 00671824 _____ () C:\Windows\system32\perfh005.dat
2014-06-02 19:32 - 2009-07-14 17:18 - 00142424 _____ () C:\Windows\system32\perfc005.dat
2014-06-02 19:32 - 2009-07-14 07:13 - 01592614 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-24 10:25 - 2014-03-16 19:48 - 00019368 _____ () C:\Windows\PFRO.log
2014-05-23 20:30 - 2013-03-24 20:01 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-05-15 01:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-14 13:44 - 2012-09-16 19:26 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 13:44 - 2012-09-16 19:26 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 13:44 - 2011-06-07 18:57 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 22:54 - 2011-06-07 17:14 - 00000000 ___RD () C:\Users\Sylva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-13 22:54 - 2011-06-07 17:14 - 00000000 ___RD () C:\Users\Sylva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-13 22:49 - 2014-05-07 22:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-13 22:03 - 2013-03-24 19:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-13 22:02 - 2013-08-14 22:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-13 22:01 - 2011-06-16 22:03 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 21:12 - 2013-03-28 21:38 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-10 10:22 - 2011-06-07 18:57 - 00003946 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-10 10:22 - 2011-06-07 18:57 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 08:14 - 2014-05-13 21:19 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-13 21:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-06-08 00:49
==================== End Of Log ============================
Děkuji za pomoc
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu, vyskakující reklama bestadbid v IE
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu, vyskakující reklama bestadbid v IE
Zdravim 
Davejte sem prosim logy bez pouziti kurzivy, ci cehokoliv jineho. Spatne se to cte
Mate tam nejake to svinstvo
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Davejte sem prosim logy bez pouziti kurzivy, ci cehokoliv jineho. Spatne se to cte
Mate tam nejake to svinstvo
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu, vyskakující reklama bestadbid v IE
# AdwCleaner v3.212 - Report created 08/06/2014 at 17:36:40
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Sylva - SYLVA-PC
# Running from : C:\Users\Sylva\Desktop\adwcleaner_3.212.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : Browser Manager
[#] Service Deleted : PirritUpdater
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\Pirrit
Folder Deleted : C:\Program Files (x86)\WinRST
Folder Deleted : C:\Users\Sylva\AppData\Local\Babylon
Folder Deleted : C:\Users\Sylva\AppData\Local\Conduit
Folder Deleted : C:\Users\Sylva\AppData\Local\eSupport.com
Folder Deleted : C:\Users\Sylva\AppData\Local\MediaGet2
Folder Deleted : C:\Users\Sylva\AppData\Local\PackageAware
Folder Deleted : C:\Users\Sylva\AppData\Local\WinRST
Folder Deleted : C:\Users\Sylva\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Sylva\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Sylva\AppData\LocalLow\BS_Player
Folder Deleted : C:\Users\Sylva\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Sylva\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\Sylva\AppData\Roaming\Pirrit
Folder Deleted : C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
File Deleted : C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_continuetosave.info_0.localstorage-journal
File Deleted : C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Deleted : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar
Key Deleted : HKCU\Software\Microsoft\Office\Powerpoint\Addins\babylonofficeaddin.officeaddin
Key Deleted : HKCU\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKCU\Software\5328f8fb338ea41
Key Deleted : HKLM\SOFTWARE\5328f8fb338ea41
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-live-movie-maker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-live-movie-maker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{376CB069-EA48-4A96-9FAE-7087D3319EB8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4A0B3AE-19F1-4B5C-AF40-0B5A4CD1A1A0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F4A0B3AE-19F1-4B5C-AF40-0B5A4CD1A1A0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A034FEC5-F0CC-491D-A69C-F98044FCAA8D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F8199D1-BB0F-425D-937A-5DD253A1CBF5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Babylon
Key Deleted : HKCU\Software\BrowserMngr
Key Deleted : HKCU\Software\Conduit
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\Pirrit
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\wscontb
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BrowserMngr
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Pirrit
Key Deleted : HKLM\Software\SweetIM
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\Software\BS_Player
Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : [x64] HKLM\SOFTWARE\Pirrit
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17041
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
-\\ Mozilla Firefox v4.0.1 (cs)
-\\ Google Chrome v35.0.1916.114
[ File : C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=2DACD6E6-4CDC-4952-8508-17445BAD40F1&apn_sauid=4306BE1B-1D96-4ACC-A2C4-B8E6010A31AB
Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=111304&tt=120812_bandext_3312_3&babsrc=SP_ss&mntrId=84af746000000000000000ff2850d649
Deleted [Search Provider] : hxxp://www.search.ask.com/web?p2=%5EBBK%5EOSJ0 ... earchTerms}
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Startup_urls] : hxxp://www.search.ask.com/?o=APN11459&gct=hp&d ... 70-312&t=4
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
*************************
AdwCleaner[R0].txt - [10289 octets] - [08/06/2014 17:34:47]
AdwCleaner[S0].txt - [10615 octets] - [08/06/2014 17:36:40]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10676 octets] ##########
Děkuji a omlouvám se za kurzívu
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Sylva - SYLVA-PC
# Running from : C:\Users\Sylva\Desktop\adwcleaner_3.212.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : Browser Manager
[#] Service Deleted : PirritUpdater
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\Pirrit
Folder Deleted : C:\Program Files (x86)\WinRST
Folder Deleted : C:\Users\Sylva\AppData\Local\Babylon
Folder Deleted : C:\Users\Sylva\AppData\Local\Conduit
Folder Deleted : C:\Users\Sylva\AppData\Local\eSupport.com
Folder Deleted : C:\Users\Sylva\AppData\Local\MediaGet2
Folder Deleted : C:\Users\Sylva\AppData\Local\PackageAware
Folder Deleted : C:\Users\Sylva\AppData\Local\WinRST
Folder Deleted : C:\Users\Sylva\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Sylva\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Sylva\AppData\LocalLow\BS_Player
Folder Deleted : C:\Users\Sylva\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Sylva\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\Sylva\AppData\Roaming\Pirrit
Folder Deleted : C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
File Deleted : C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_continuetosave.info_0.localstorage-journal
File Deleted : C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Deleted : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar
Key Deleted : HKCU\Software\Microsoft\Office\Powerpoint\Addins\babylonofficeaddin.officeaddin
Key Deleted : HKCU\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKCU\Software\5328f8fb338ea41
Key Deleted : HKLM\SOFTWARE\5328f8fb338ea41
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-live-movie-maker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-live-movie-maker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{376CB069-EA48-4A96-9FAE-7087D3319EB8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4A0B3AE-19F1-4B5C-AF40-0B5A4CD1A1A0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F4A0B3AE-19F1-4B5C-AF40-0B5A4CD1A1A0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A034FEC5-F0CC-491D-A69C-F98044FCAA8D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F8199D1-BB0F-425D-937A-5DD253A1CBF5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Babylon
Key Deleted : HKCU\Software\BrowserMngr
Key Deleted : HKCU\Software\Conduit
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\Pirrit
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\wscontb
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BrowserMngr
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Pirrit
Key Deleted : HKLM\Software\SweetIM
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\Software\BS_Player
Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : [x64] HKLM\SOFTWARE\Pirrit
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17041
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
-\\ Mozilla Firefox v4.0.1 (cs)
-\\ Google Chrome v35.0.1916.114
[ File : C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=2DACD6E6-4CDC-4952-8508-17445BAD40F1&apn_sauid=4306BE1B-1D96-4ACC-A2C4-B8E6010A31AB
Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=111304&tt=120812_bandext_3312_3&babsrc=SP_ss&mntrId=84af746000000000000000ff2850d649
Deleted [Search Provider] : hxxp://www.search.ask.com/web?p2=%5EBBK%5EOSJ0 ... earchTerms}
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Startup_urls] : hxxp://www.search.ask.com/?o=APN11459&gct=hp&d ... 70-312&t=4
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
*************************
AdwCleaner[R0].txt - [10289 octets] - [08/06/2014 17:34:47]
AdwCleaner[S0].txt - [10615 octets] - [08/06/2014 17:36:40]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10676 octets] ##########
Děkuji a omlouvám se za kurzívu
Re: Prosím o kontrolu, vyskakující reklama bestadbid v IE
Neni proc se omlouvat, nic se nedeje!matlaa53 píše:Děkuji a omlouvám se za kurzívu
Udelejte !!!kompletni!!! kontrolu s MBAM http://www.bleepingcomputer.com/downloa ... re/dl/241/ a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce. Navod zde http://forum.viry.cz/viewtopic.php?f=29&t=115222Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu, vyskakující reklama bestadbid v IE
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2014.06.08.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17107
Sylva :: SYLVA-PC [administrátor]
Ochrana: Povolena
8.6.2014 17:57:38
MBAM-log-2014-06-08 (18-03-57).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 257651
Uplynulý čas: 5 minut, 48 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 1
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINRST (PUP.Optional.WinRST.A) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 1
HKLM\SYSTEM\CurrentControlSet\Services\WinRST|ImagePath (PUP.Optional.WinRST.A) -> Data: C:\Program Files (x86)\WinRST\WinRST.exe -> Nebyla provedena žádná instrukce.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 2
C:\Users\Sylva\AppData\Local\Temp\ct3288691 (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Sylva\AppData\Local\Temp\ct3297861 (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 2
C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage (PUP.Optional.Superfish.A) -> Nebyla provedena žádná instrukce.
C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal (PUP.Optional.Superfish.A) -> Nebyla provedena žádná instrukce.
(konec)
www.malwarebytes.org
Verze: v2014.06.08.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17107
Sylva :: SYLVA-PC [administrátor]
Ochrana: Povolena
8.6.2014 17:57:38
MBAM-log-2014-06-08 (18-03-57).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 257651
Uplynulý čas: 5 minut, 48 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 1
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINRST (PUP.Optional.WinRST.A) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 1
HKLM\SYSTEM\CurrentControlSet\Services\WinRST|ImagePath (PUP.Optional.WinRST.A) -> Data: C:\Program Files (x86)\WinRST\WinRST.exe -> Nebyla provedena žádná instrukce.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 2
C:\Users\Sylva\AppData\Local\Temp\ct3288691 (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Sylva\AppData\Local\Temp\ct3297861 (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 2
C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage (PUP.Optional.Superfish.A) -> Nebyla provedena žádná instrukce.
C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal (PUP.Optional.Superfish.A) -> Nebyla provedena žádná instrukce.
(konec)
Re: Prosím o kontrolu, vyskakující reklama bestadbid v IE
Nalezy nechte odstranit (do karanteny). Po restartu pc udelejte kompletni kontrolu, jak jsem chtel. Tohle byla jen rychla, ta neprohlizi cely disk.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu, vyskakující reklama bestadbid v IE
Achjo, napíšete to červeně se třemi vykřičníky a já to přehlédnu... No, tady je log:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2014.06.08.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17107
Sylva :: SYLVA-PC [administrátor]
Ochrana: Povolena
8.6.2014 18:25:51
MBAM-log-2014-06-08 (19-29-46).txt
Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 427057
Uplynulý čas: 54 minut, 20 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 7
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarApp.dll (PUP.Optional.BabylonToolBar.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarEng.dll (PUP.Optional.BabylonToolBar.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarsrv.exe (PUP.Optional.BabylonToolBar.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarTlbr.dll (PUP.Optional.BabylonToolBar.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\uninstall.exe (PUP.Optional.BabylonToolBar.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\Electronic Arts\Medal of Honor\Binaries\loader.dll (Riskware.Tool.CK) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\GotClip\Uninstall.exe (PUP.Adware.Gotclip.ScamLotto) -> Nebyla provedena žádná instrukce.
(konec)
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2014.06.08.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17107
Sylva :: SYLVA-PC [administrátor]
Ochrana: Povolena
8.6.2014 18:25:51
MBAM-log-2014-06-08 (19-29-46).txt
Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 427057
Uplynulý čas: 54 minut, 20 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 7
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarApp.dll (PUP.Optional.BabylonToolBar.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarEng.dll (PUP.Optional.BabylonToolBar.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarsrv.exe (PUP.Optional.BabylonToolBar.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarTlbr.dll (PUP.Optional.BabylonToolBar.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\uninstall.exe (PUP.Optional.BabylonToolBar.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\Electronic Arts\Medal of Honor\Binaries\loader.dll (Riskware.Tool.CK) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\GotClip\Uninstall.exe (PUP.Adware.Gotclip.ScamLotto) -> Nebyla provedena žádná instrukce.
(konec)
Re: Prosím o kontrolu, vyskakující reklama bestadbid v IE
Z toho si nic nedelejte, nejste zdaleka prvni, ani poslednimatlaa53 píše:Achjo, napíšete to červeně se třemi vykřičníky a já to přehlédnu...
Jelikoz je havet v bodech obnovy, je treba je vymazat. Takze...
Postupujte presne v tomto poradi. 1) MBAM nezavirejte, jen minimalizujte.
2) Vymazte/Vypnete vytvareni bodu obnovy http://forum.viry.cz/viewtopic.php?f=46&t=47040 , ale nerestartujte pc.
3) Ted nechte nalezy MBAM odstranit a restartujte pc.
4) Udelejte novy test s MBAM a dejte sem vysledky.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu, vyskakující reklama bestadbid v IE
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
http://www.malwarebytes.org
Verze: v2014.06.08.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17107
Sylva :: SYLVA-PC [administrátor]
Ochrana: Povolena
8.6.2014 20:46:07
MBAM-log-2014-06-08 (21-41-33).txt
Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 427750
Uplynulý čas: 54 minut, 16 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 2
C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage (PUP.Optional.Superfish.A) -> Nebyla provedena žádná instrukce.
C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal (PUP.Optional.Superfish.A) -> Nebyla provedena žádná instrukce.
(konec)
pořád nějaké chyby
http://www.malwarebytes.org
Verze: v2014.06.08.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17107
Sylva :: SYLVA-PC [administrátor]
Ochrana: Povolena
8.6.2014 20:46:07
MBAM-log-2014-06-08 (21-41-33).txt
Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 427750
Uplynulý čas: 54 minut, 16 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 2
C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage (PUP.Optional.Superfish.A) -> Nebyla provedena žádná instrukce.
C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal (PUP.Optional.Superfish.A) -> Nebyla provedena žádná instrukce.
(konec)
pořád nějaké chyby
Re: Prosím o kontrolu, vyskakující reklama bestadbid v IE
Nebojte, nakopem jim zadekmatlaa53 píše:pořád nějaké chyby
Nalezy nechte odstranit, pak MBAM odinstalujte. Zapnete opet funkci vytvareni bodu obnovy. Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.) Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc! Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte
Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradkuPokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu, vyskakující reklama bestadbid v IE
Zdravím,
dnes jsem mimo počítač o kterém zde mluvíme, mohl bych Vás proto poprosit o pomoc v následujících dnech? Děkuji
dnes jsem mimo počítač o kterém zde mluvíme, mohl bych Vás proto poprosit o pomoc v následujících dnech? Děkuji
Re: Prosím o kontrolu, vyskakující reklama bestadbid v IE
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?