Prosím o preventivku logu

Zpráva

gorefest · #1 Příspěvek od **gorefest** » 09 lis 2014 10:16

Prosím o provedení preventivní prohlídky logu, nedávno díky Vánm jsem vyčistil počítač a už se mi zase zdá že tam budou nějaké potvůrky. Počítač je pomalý a pořád něco jakoby dělá. Díky

Logfile of random's system information tool 1.10 (written by random/random)
Run by Kubík at 2014-11-09 10:12:09
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 29 GB (12%) free of 238 GB
Total RAM: 2039 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:12:17, on 9.11.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16584)
Boot mode: Normal

Running processes:
C:\Users\Kubík\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\Kubík.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Kubík\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9080 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 1800
taskeng.exe {D58A2FBD-2201-4683-9DC0-68BE33D3A63D}
taskeng.exe {00D7D0B9-B7CA-49C0-8944-CDF3D73E1959}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\RAVCpl64.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Windows\ehome\ehtray.exe"
"C:\Users\Kubík\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\ehome\ehmsas.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:2692 CREDAT:203009
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_s-1-5-21-544327606-1445399380-3202246954-10004_ Global\UsGthrCtrlFltPipeMssGthrPipe_s-1-5-21-544327606-1445399380-3202246954-10004 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:2692 CREDAT:334081
"C:\Windows\system32\SearchFilterHost.exe" 0 640 644 652 65536 648
"C:\Users\Kubík\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1584184]
"RtHDVCpl"=C:\Windows\RAVCpl64.exe [2007-10-01 5426688]
"Skytel"=C:\Windows\Skytel.exe [2007-08-03 1826816]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 138264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 203800]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 168472]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 138240]
"uTorrent"=C:\Users\Kubík\AppData\Roaming\uTorrent\uTorrent.exe [2014-10-30 1389648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-02 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-09-01 966712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2011-12-09 74752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Akcelerátor spuštění AutoCADu.lnk]
C:\PROGRA~2\COMMON~1\AUTODE~1\ACSTAR~1.EXE [2004-02-25 10872]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

#2 Příspěvek od **altrok** » 09 lis 2014 23:42

Zdravim

log neni kompletni... pro priste doporucuji oznacit vse (pomoci Ctrl + A)

pamatuju si na Vas.. mel jste to docela zasvihane, takze se tentokrat podivame detailneji... kazdopadne zacneme rutinne

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/

ukoncete vsechny programy
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Scan, pote na Clean
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

gorefest · #3 Příspěvek od **gorefest** » 10 lis 2014 20:30

Dobrý den,

označil jsem log ctrl+A, ale i když se označilo vše, překopírovalo se asi jenom 80% textu. Zbytek jsem se snažil dokopírovat po částech, ale je možné, že mi něco uteklo. takže jedem

# AdwCleaner v4.002 - Report created 27/10/2014 at 12:21:10
# DB v2014-10-26.6
# Updated 27/10/2014 by Xplode
# Operating System : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Username : Kubík - KUBÍK-PC
# Running from : C:\Users\Kubík\Desktop\adwcleaner_4.002.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : IePluginServices
Service Deleted : WindowsMangerProtect
[#] Service Deleted : {3c3ae2b4-4a36-40c4-a356-ffc1820b7ece}Gt64

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\Windows\SysWOW64\ARFC
[!] Folder Deleted : C:\Program Files (x86)\Around the world in 80 days
[!] Folder Deleted : C:\Program Files\Babylon
[!] Folder Deleted : C:\Users\Kubík\AppData\Local\cool_mirage
[!] Folder Deleted : C:\Program Files (x86)\driver-soft
[!] Folder Deleted : C:\Program Files (x86)\globalUpdate
[!] Folder Deleted : C:\Users\Kubík\AppData\Local\globalUpdate
[!] Folder Deleted : C:\ProgramData\IePluginServices
[!] Folder Deleted : C:\Windows\SysWOW64\jmdp
[!] Folder Deleted : C:\Users\Kubík\AppData\Local\onlysearch
[!] Folder Deleted : C:\Users\Kubík\AppData\Roaming\OpenCandy
[!] Folder Deleted : C:\Program Files (x86)\SupTab
[!] Folder Deleted : C:\ProgramData\SweetIM
[!] Folder Deleted : C:\Program Files (x86)\SweetIM
[!] Folder Deleted : C:\ProgramData\WindowsMangerProtect
[!] Folder Deleted : C:\Windows\SysWOW64\WNLT
[!] Folder Deleted : C:\ProgramData\Alawar Stargaze
[!] Folder Deleted : C:\Users\Kubík\AppData\Roaming\Alawar Stargaze
[!] Folder Deleted : C:\Program Files (x86)\ClickMovie1-Downloaderv10
[!] Folder Deleted : C:\Users\Kubík\AppData\Local\ClickMovie1-Downloaderv10
File Deleted : C:\Windows\System32\\drivers\{3c3ae2b4-4a36-40c4-a356-ffc1820b7ece}Gt64.sys
File Deleted : C:\Program Files (x86)\Mozilla Firefox\user.js

***** [ Scheduled Tasks ] *****

Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Kubík\Desktop\Launch Internet Explorer Browser.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKCU\Software\Classes\keepmysearch
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0063317.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0063317.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0063317.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0063317.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611331117}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622332217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655335517}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666336617}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5C9A2304-70A5-11D5-AFB0-0050DAC67890}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644334417}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611331117}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611331117}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622332217}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\ClickMovie1-Downloaderv10
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\ClickMovie1-Downloaderv10
Key Deleted : HKLM\SOFTWARE\Driver-Soft
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\istartsurfSoftware
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\ClickMovie1-Downloaderv10
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ClickMovie1-Downloaderv10
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Babylon
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PCSU-SL_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WindowsMangerProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WNLT
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\onlysearch
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ClickMovie1-Downloaderv10
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\WNLT
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16584

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v38.0.2125.104

*************************

AdwCleaner[R0].txt - [20980 octets] - [27/10/2014 12:15:20]
AdwCleaner[S0].txt - [17166 octets] - [27/10/2014 12:21:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17227 octets] ##########
# AdwCleaner v4.101 - Report created 10/11/2014 at 20:27:55
# Updated 09/11/2014 by Xplode
# Database : 2014-11-10.1 [Live]
# Operating System : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Username : Kubík - KUBÍK-PC
# Running from : C:\Users\Kubík\Desktop\adwcleaner_4.101.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1EA4DBF0-3C3B-11CF-810C-00AA00389B71}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{ea8fa6be-29be-4af2-9352-841f83215eb0}

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16584

-\\ Google Chrome v38.0.2125.111

-\\ Opera v0.0.0.0

*************************

AdwCleaner[R0].txt - [22033 octets] - [27/10/2014 12:15:20]
AdwCleaner[S0].txt - [18340 octets] - [27/10/2014 12:21:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18401 octets] ##########

#4 Příspěvek od **altrok** » 10 lis 2014 20:31

Ulozte na plochu zoek.exe http://hijackthis.nl/smeenk/zoek.htm

spustte jako spravce
do velkeho okna zkopirujte script uvedeny nize
kliknete na Run script
po restartu na Vas vyskoci log (pripadne jej najdete v C:\zoek-results.log) - vlozte mi jej do pristi odpovedi
Kód: Vybrat vše
```
autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;
```

gorefest · #5 Příspěvek od **gorefest** » 10 lis 2014 21:28

Zoek.exe v5.0.0.0 Updated 10-November-2014
Tool run by Kubˇk on po 10.11.2014 at 20:44:40,80.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\KUBK~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10.11.2014 20:48:53 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\user.js deleted
C:\Eye 310_v4.21.0.000.exe deleted
"C:\Windows\Installer\838944.msi" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"hotfix@mozilla.org"="C:\Users\Kubˇk\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix" [19.05.2012 20:41]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"hotfix@mozilla.org"="C:\Users\Kubˇk\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix" [19.05.2012 20:41]

==== Chromium Look ======================

Seznam LiĹˇtiÄŤka - SlovnĂk - KUBK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Seznam LiĹˇtiÄŤka - RychlĂˇ volba - KUBK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\KUBK~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\KUBK~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FECF7F8A6AC39EC4F8AEB81BF868680F deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0} deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\KUBK~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\KUBK~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\KUBK~1\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\KUBK~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4 folders=0 5186164 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\KUBK~1\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\KUBK~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\KUBK~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on po 10.11.2014 at 21:27:00,72 ======================

#6 Příspěvek od **altrok** » 10 lis 2014 21:29

Nainstalujte MBAM a udelejte vlastni sken vsech disku - http://forum.viry.cz/viewtopic.php?f=29&t=137928

gorefest · #7 Příspěvek od **gorefest** » 11 lis 2014 18:04

Nějak nestíhám

takže

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 10.11.2014
Čas skenování: 21:51:54
Protokol: log.txt
Správce: Ano

Verze: 2.00.3.1025
Databáze malwaru: v2014.11.10.09
Databáze rootkitů: v2014.11.10.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows Vista Service Pack 2
CPU: x64
Souborový systém: NTFS
Uživatel: KubAk

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 699203
Uplynulý čas: 4 hod, 59 min, 50 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 2
PUP.Optional.1ClickMovieDownload.A, HKLM\SOFTWARE\WOW6432NODE\ClickMovie1-Downloaderv10-nv, , [2df47bbf5d1fdd59bc261131887bb54b],
PUP.Optional.1ClickMovieDownload.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\ClickMovie1-Downloaderv10, , [7da4d169e29ab4823ba985bdfe0551af],

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 47
PUP.Optional.SweetIM, C:\Windows\Installer\5219381.msi, , [a77a003a0775dc5a7aaa34346f96817f],
Trojan.P2P.Agent, C:\Windows.old.000\Windows\Temp\roqo.tmp\setup.exe, , [061b4feb9ddf48ee25f6285225db39c7],
Trojan.P2P.Agent, C:\Windows.old.000\Windows\SysWOW64\syscache.exe, , [4bd646f497e5e254c358017917e9c937],
Trojan.P2P.Agent, C:\Windows.old.000\Windows\SysWOW64\A0F8E0277894707483985525DE584535\conf\templates\3302.zip, , [77aaee4cd2aa340269b2a2d85ea2cf31],
Trojan.P2P.Agent, C:\Windows.old.000\Windows\SysWOW64\A0F8E0277894707483985525DE584535\conf\templates\3303.zip, , [65bc3a00b8c4ef471b00473311ef7888],
Trojan.P2P.Agent, C:\Windows.old.000\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J3ADGOS0\m7-401[1].zip, , [8e93ea509ddf999dd546adcd5ba5c739],
PUP.Optional.1ClickMovieDownload.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\0263b5c3-2bb1-4856-b2c0-a6de30431fed-11.exe.vir, , [42df83b7c4b8aa8ce6ced0dd1ce56c94],
PUP.Optional.1ClickMovieDownload.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\0263b5c3-2bb1-4856-b2c0-a6de30431fed-2.exe.vir, , [2bf642f880fccd69169e64498b76be42],
PUP.Optional.1ClickMovieDownload.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\0263b5c3-2bb1-4856-b2c0-a6de30431fed-3.exe.vir, , [869b1d1d5428c274dada614c738e24dc],
PUP.Optional.1ClickMovieDownload.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\0263b5c3-2bb1-4856-b2c0-a6de30431fed-4.exe.vir, , [64bd26148def6bcbf0c4fab30ef3fc04],
PUP.Optional.1ClickMovieDownload.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\0263b5c3-2bb1-4856-b2c0-a6de30431fed-5.exe.vir, , [54cdec4eb3c97bbb8b29d6d747baaa56],
PUP.Optional.Nova.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\20e81d5d-6ef4-4132-99aa-64f032203685.dll.vir, , [210095a5d6a67cbae34a776a9b66e917],
PUP.Optional.1ClickMovieDownload.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\b1d02aa7-81df-4b1f-8023-d8eb3512fbdb-2.exe.vir, , [ba672d0da1db5adc2c88ddd0ac55a060],
PUP.Optional.1ClickMovieDownload.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\b1d02aa7-81df-4b1f-8023-d8eb3512fbdb-3.exe.vir, , [c45dcf6b3c400333e0d4decf2cd5ed13],
PUP.Optional.1ClickMovieDownload.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\b1d02aa7-81df-4b1f-8023-d8eb3512fbdb-4.exe.vir, , [bf620d2d25570e2884301f8ed42dc040],
PUP.Optional.1ClickMovieDownload.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\b1d02aa7-81df-4b1f-8023-d8eb3512fbdb-5.exe.vir, , [d64b99a1a8d4d363d9dbfab3c04125db],
PUP.Optional.1ClickMovieDownload.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\b1d02aa7-81df-4b1f-8023-d8eb3512fbdb-6.exe.vir, , [1a071822f08c8aac14a0fbb27f82817f],
PUP.Optional.1ClickMovieDownload.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\b1d02aa7-81df-4b1f-8023-d8eb3512fbdb-64.exe.vir, , [f42d9e9c8cf01e18b004aa030bf6ed13],
PUP.Optional.1ClickMovieDownload.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\b1d02aa7-81df-4b1f-8023-d8eb3512fbdb-7.exe.vir, , [f22f75c57b01ec4a159fbbf238c9d729],
PUP.Optional.1ClickMovieDownload.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\ClickMovie1-Downloaderv10-bg.exe.vir, , [3be63505a5d7de58c0f44f5eb24f9e62],
PUP.Optional.1ClickMovieDownload.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\ClickMovie1-Downloaderv10-bho.dll.vir, , [4ad782b894e82115fcb85855ba47718f],
PUP.Optional.1ClickMovieDownload.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\ClickMovie1-Downloaderv10-bho64.dll.vir, , [40e1300ae399b185199b911ccb3649b7],
PUP.Optional.1ClickMovieDownload.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\ClickMovie1-Downloaderv10-buttonutil.exe.vir, , [ae7334065725e155892bbdf050b143bd],
PUP.Optional.1ClickMovieDownload.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\ClickMovie1-Downloaderv10-buttonutil64.exe.vir, , [fd24fb3fdd9f1026d8dcb8f5d52c728e],
PUP.Optional.1ClickMovieDownload.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\ClickMovie1-Downloaderv10-codedownloader.exe.vir, , [7ea353e7522acb6befc5931a14edcb35],
PUP.Optional.CrossRider.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\utils.exe.vir, , [39e892a86d0f12244def9aab10f0dc24],
PUP.Optional.1ClickMovieDownload.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClickMovie1-Downloaderv10\b1d02aa7-81df-4b1f-8023-d8eb3512fbdb-11.exe.vir, , [051c3efc67151b1b8f25d3dabd4404fc],
PUP.Optional.Skytech.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir, , [cf528baf5a226ccac8ecd2ccdb26d22e],
PUP.Optional.Skytech.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir, , [cd5485b598e43600fdb747576c95dc24],
PUP.Optional.SearchProtect, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader64.exe.vir, , [79a8e1596f0d5bdb04b7815cb34eab55],
PUP.Optional.IEPluginService.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\RSHP.exe.vir, , [0f12f842e19ba78fd8edb6cbc73aca36],
PUP.Optional.Skytech.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir, , [61c0ab8fe09c0333169ed5c94bb6659b],
PUP.Optional.Skytech.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir, , [b66bcf6b403cf244f9bb049abc45ed13],
PUP.Optional.IePluginService.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir, , [fc251c1e84f8b185768c3b347988857b],
PUP.Optional.SupTab.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir, , [ea37d664ccb02b0bb0d142f344bc649c],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\mgcommon.dll.vir, , [3de4e357265693a3c85c333519ec2dd3],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\mgcommunication.dll.vir, , [061b0b2f7705fd392ef6b2b655b01be5],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\mgsimcommon.dll.vir, , [cd5457e345374fe70b19bcac12f3c937],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\mgxml_wrapper.dll.vir, , [6ab7be7c6c104aec8b996701e02546ba],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe.vir, , [dd4403379ddfd85e9094b6b223e251af],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\resources\sqlite\mgSqlite3.dll.vir, , [42df46f423592f0758ccd1978c79e41c],
PUP.Optional.IePluginService.A, C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir, , [4fd20733e894e94ddf23cfa0b9486d93],
PUP.Optional.WindowsProtectManger.A, C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir, , [73ae7fbbbbc1a2947378c6f4a55c4db3],
PUP.Optional.1ClickMovieDownload.A, C:\FRST\Quarantine\C\Users\KubAk\AppData\Roaming\EKPMQFQJ.exe.xBAD, , [7da4f24809733ff7278d694405fc31cf],
PUP.Optional.1ClickMovieDownload.A, C:\FRST\Quarantine\C\Users\KubAk\AppData\Roaming\JCGKE.exe.xBAD, , [5fc25ae0abd12f0734801a935ba60ff1],
PUP.Optional.1ClickMovieDownload.A, C:\FRST\Quarantine\C\Users\KubAk\AppData\Roaming\PSOJYHO.exe.xBAD, , [61c079c13d3f3303159f199420e16898],
PUP.Optional.1ClickMovieDownload.A, C:\FRST\Quarantine\C\Users\KubAk\AppData\Roaming\QPSJJQY.exe.xBAD, , [fe239d9d5d1fb77f01b3b3fa7e8312ee],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)

(end)

#8 Příspěvek od **altrok** » 11 lis 2014 18:07

Vsechny nalezy presunte do karanteny/smazte.

Dejte novy log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Dnes musim odejit, pokracovani zitra.

gorefest · #9 Příspěvek od **gorefest** » 11 lis 2014 22:07

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by Kubík (administrator) on KUBÍK-PC on 11-11-2014 21:58:41
Running from C:\Users\Kubík\Desktop
Loaded Profiles: Kubík & (Available profiles: Kubík)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Windows\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(BitTorrent Inc.) C:\Users\Kubík\AppData\Roaming\uTorrent\uTorrent.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [5426688 2007-10-01] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-08-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-544327606-1445399380-3202246954-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-544327606-1445399380-3202246954-1000\...\Run: [uTorrent] => C:\Users\Kubík\AppData\Roaming\uTorrent\uTorrent.exe [1389648 2014-10-30] (BitTorrent Inc.)
HKU\S-1-5-21-544327606-1445399380-3202246954-1000\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-544327606-1445399380-3202246954-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-544327606-1445399380-3202246954-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [uTorrent] => C:\Users\Kubík\AppData\Roaming\uTorrent\uTorrent.exe [1389648 2014-10-30] (BitTorrent Inc.)
HKU\S-1-5-21-544327606-1445399380-3202246954-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: G - G:\LaunchU3.exe -a
ShellIconOverlayIdentifiers-x32: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\SysWOW64\AcSignIcon.dll (Autodesk)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog5-x64 02 %SystemRoot%\system32\napinsp.dll [62976] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-04-10]
FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension [2011-09-06]
FF HKLM-x32\...\Firefox\Extensions: [hotfix@mozilla.org] - C:\Users\Kubík\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix
FF Extension: Mozilla hotfix - C:\Users\Kubík\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix [2012-05-19]
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2011-09-06]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSearchURL: Default -> http://search.seznam.cz/?q={searchTerms}
CHR DefaultSuggestURL: Default -> http://suggest.fulltext.seznam.cz/fullt ... earchTerms}
CHR Profile: C:\Users\Kubík\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Kubík\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-18]
CHR Extension: (Dokumenty Google) - C:\Users\Kubík\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-18]
CHR Extension: (Disk Google) - C:\Users\Kubík\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-18]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Kubík\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-09-25]
CHR Extension: (YouTube) - C:\Users\Kubík\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-18]
CHR Extension: (Vyhledávání Google) - C:\Users\Kubík\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-18]
CHR Extension: (Tabulky Google) - C:\Users\Kubík\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-18]
CHR Extension: (Peněženka Google) - C:\Users\Kubík\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-18]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Kubík\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-09-25]
CHR Extension: (Gmail) - C:\Users\Kubík\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [84520 2011-03-14] (Software602 a.s.)
S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [74360 2011-10-28] (Autodesk, Inc.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-04-10] (Macrovision Europe Ltd.) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-06-04] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-06-04] (Hewlett-Packard Co.) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [69632 2006-11-08] (Hewlett-Packard) [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [88064 2006-11-08] (Hewlett-Packard) [File not signed]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 3xHybr64; C:\Windows\System32\DRIVERS\3xHybr64.sys [873216 2007-04-20] (Philips Semiconductors GmbH)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2012-11-22] () [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-10-26] (Disc Soft Ltd)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [275432 2009-04-11] (Společnost Microsoft)
S3 ialm; C:\Windows\System32\DRIVERS\igdkmd64.sys [7709056 2008-02-11] (Intel Corporation)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2012-11-22] () [File not signed]
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-11] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1513320 2013-03-03] (Společnost Microsoft)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-11 21:58 - 2014-11-11 21:59 - 00014962 _____ () C:\Users\Kubík\Desktop\FRST.txt
2014-11-10 21:48 - 2014-11-11 18:35 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-10 21:48 - 2014-11-10 21:48 - 00000947 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-10 21:48 - 2014-11-10 21:48 - 00000947 _____ () C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-10 21:48 - 2014-11-10 21:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-10 21:48 - 2014-11-10 21:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-10 21:48 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-10 21:48 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-10 21:48 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-10 21:20 - 2014-11-10 20:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-10 20:48 - 2014-11-10 21:27 - 00006921 _____ () C:\zoek-results.log
2014-11-10 20:44 - 2014-11-10 21:16 - 00000000 ____D () C:\zoek_backup
2014-11-10 20:43 - 2014-11-10 20:43 - 01294848 _____ () C:\Users\Kubík\Desktop\zoek.exe
2014-11-10 20:29 - 2014-11-11 17:59 - 00001028 _____ () C:\Windows\PFRO.log
2014-11-10 20:24 - 2014-11-10 20:24 - 02140160 _____ () C:\Users\Kubík\Desktop\adwcleaner_4.101.exe
2014-11-09 10:12 - 2014-11-09 10:12 - 00000000 ____D () C:\Program Files\trend micro
2014-11-09 10:11 - 2014-11-09 10:11 - 01222144 _____ () C:\Users\Kubík\Desktop\RSITx64.exe
2014-11-09 10:10 - 2014-11-11 20:14 - 02116096 _____ (Farbar) C:\Users\Kubík\Desktop\FRST64.exe
2014-10-30 17:36 - 2014-10-30 17:36 - 00002420 _____ () C:\Users\Kubík\Desktop\Riddles of Fate 3 - Memento Mori Collectors Edition.lnk
2014-10-30 17:36 - 2014-10-30 17:36 - 00000000 ____D () C:\Users\Kubík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riddles of Fate 3 - Memento Mori Collectors Edition
2014-10-30 17:13 - 2014-10-30 17:13 - 00000763 _____ () C:\Users\Kubík\Desktop\µTorrent.lnk
2014-10-30 17:13 - 2014-10-30 17:13 - 00000743 _____ () C:\Users\Kubík\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-10-27 14:12 - 2014-10-27 14:12 - 00000892 _____ () C:\DelFix.txt
2014-10-27 13:06 - 2014-11-11 21:58 - 00000000 ____D () C:\FRST
2014-10-27 12:15 - 2014-11-11 20:11 - 00000000 ____D () C:\AdwCleaner
2014-10-26 11:09 - 2014-10-26 11:09 - 00002055 _____ () C:\Users\Kubík\Desktop\Google Chrome.lnk
2014-10-16 22:53 - 2014-10-16 22:53 - 00008656 _____ () C:\Users\Kubík\Documents\cc_20141016_235334.reg
2014-10-15 21:18 - 2014-09-17 07:57 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 21:18 - 2014-09-16 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 21:17 - 2014-09-28 00:41 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 21:11 - 2014-06-15 23:18 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 21:11 - 2014-06-15 23:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 21:11 - 2014-06-13 19:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 21:11 - 2014-06-13 19:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 21:11 - 2014-06-13 18:36 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 21:11 - 2014-06-13 18:36 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 21:10 - 2014-09-05 00:38 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-10-15 20:34 - 2014-09-20 01:09 - 17867776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 20:34 - 2014-09-20 00:55 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 20:34 - 2014-09-20 00:54 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 20:34 - 2014-09-20 00:50 - 01385472 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 20:34 - 2014-09-20 00:49 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 20:34 - 2014-09-20 00:48 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 20:34 - 2014-09-20 00:48 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-10-15 20:34 - 2014-09-20 00:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 20:34 - 2014-09-20 00:47 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 20:34 - 2014-09-20 00:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-15 20:34 - 2014-09-20 00:47 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 20:34 - 2014-09-20 00:47 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 20:34 - 2014-09-20 00:47 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 20:34 - 2014-09-20 00:46 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 20:34 - 2014-09-20 00:46 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 20:34 - 2014-09-20 00:46 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 20:34 - 2014-09-20 00:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 20:34 - 2014-09-20 00:46 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-10-15 20:34 - 2014-09-20 00:46 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-10-15 20:34 - 2014-09-20 00:45 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 20:34 - 2014-09-20 00:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-10-15 20:34 - 2014-09-19 23:53 - 12364288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 20:34 - 2014-09-19 23:44 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 20:34 - 2014-09-19 23:41 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 20:34 - 2014-09-19 23:39 - 01138688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 20:34 - 2014-09-19 23:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 20:34 - 2014-09-19 23:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 20:34 - 2014-09-19 23:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-10-15 20:34 - 2014-09-19 23:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 20:34 - 2014-09-19 23:36 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 20:34 - 2014-09-19 23:35 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 20:34 - 2014-09-19 23:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-15 20:34 - 2014-09-19 23:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 20:34 - 2014-09-19 23:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 20:34 - 2014-09-19 23:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-10-15 20:34 - 2014-09-19 23:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 20:34 - 2014-09-19 23:34 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 20:34 - 2014-09-19 23:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 20:34 - 2014-09-19 23:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 20:34 - 2014-09-19 23:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-10-15 20:34 - 2014-09-19 23:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-10-15 20:34 - 2014-09-19 23:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-11 22:00 - 2011-04-20 16:45 - 00000000 ____D () C:\Users\Kubík\AppData\Roaming\uTorrent
2014-11-11 21:58 - 2008-03-28 21:58 - 00000000 ____D () C:\Users\Kubík\Documents\Michal
2014-11-11 21:41 - 2006-11-02 16:22 - 00004976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-11 21:41 - 2006-11-02 16:22 - 00004976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-11 21:18 - 2012-04-12 16:59 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-11 18:28 - 2006-11-02 16:27 - 01386745 _____ () C:\Windows\WindowsUpdate.log
2014-11-11 18:06 - 2007-01-08 23:10 - 00645076 _____ () C:\Windows\system32\perfh005.dat
2014-11-11 18:06 - 2007-01-08 23:10 - 00137762 _____ () C:\Windows\system32\perfc005.dat
2014-11-11 18:06 - 2006-11-02 13:46 - 01532822 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-11 17:59 - 2006-11-02 16:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-11 06:30 - 2012-06-08 08:05 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-11-11 06:30 - 2006-11-02 16:42 - 00032560 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-09 19:48 - 2011-05-17 22:03 - 00131584 _____ () C:\Users\Kubík\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-08 14:33 - 2012-12-06 17:36 - 00000000 ____D () C:\Users\Kubík\Tracing
2014-11-08 14:33 - 2011-04-07 21:45 - 00000000 ____D () C:\Users\Kubík
2014-10-30 17:38 - 2011-05-10 19:58 - 00000000 ____D () C:\Users\Kubík\AppData\Roaming\Elephant Games
2014-10-30 17:18 - 2014-06-10 10:44 - 00000000 ____D () C:\Games
2014-10-30 17:16 - 2012-12-22 18:01 - 00000000 ____D () C:\Program Files (x86)\Foxy Games
2014-10-30 12:25 - 2011-04-08 20:31 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-28 17:43 - 2011-12-15 22:28 - 00000000 ____D () C:\Users\Kubík\AppData\Roaming\EleFun Games
2014-10-28 09:40 - 2014-09-18 21:53 - 00002031 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-28 09:40 - 2014-09-18 21:53 - 00002031 _____ () C:\ProgramData\Desktop\Google Chrome.lnk
2014-10-27 12:33 - 2014-09-25 14:40 - 00000000 ____D () C:\Users\Kubík\AppData\Roaming\Seznam.cz
2014-10-27 12:22 - 2012-09-27 17:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-27 12:22 - 2011-04-28 20:30 - 00000861 _____ () C:\Users\Kubík\Desktop\Launch Internet Explorer Browser.lnk
2014-10-20 21:40 - 2011-08-21 23:27 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-20 21:40 - 2011-08-21 23:27 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-16 14:02 - 2006-11-02 16:21 - 00453352 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-15 21:15 - 2011-04-10 19:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-15 21:09 - 2013-08-15 22:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 21:01 - 2012-05-19 20:41 - 00000000 ____D () C:\Users\Kubík\AppData\Roaming\WinLive
2014-10-15 20:55 - 2006-11-02 13:35 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

Some content of TEMP:
====================
C:\Users\Kubík\AppData\Local\Temp\Quarantine.exe
C:\Users\Kubík\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-11 18:07

==================== End Of Log ============================

#10 Příspěvek od **altrok** » 12 lis 2014 02:34

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CloseProcesses:
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-19] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-544327606-1445399380-3202246954-1000\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-544327606-1445399380-3202246954-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: G - G:\LaunchU3.exe -a
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
REG: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}" /f
CHR DefaultSearchURL: Default -> http://search.seznam.cz/?q={searchTerms}
CHR DefaultSuggestURL: Default -> http://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Kubík\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-09-25]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Kubík\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-09-25]
2014-11-10 21:20 - 2014-11-10 20:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-10 20:48 - 2014-11-10 21:27 - 00006921 _____ () C:\zoek-results.log
2014-11-10 20:44 - 2014-11-10 21:16 - 00000000 ____D () C:\zoek_backup
2014-11-10 20:43 - 2014-11-10 20:43 - 01294848 _____ () C:\Users\Kubík\Desktop\zoek.exe
2014-11-09 10:12 - 2014-11-09 10:12 - 00000000 ____D () C:\Program Files\trend micro
Hosts:
EmptyTemp:
End

gorefest · #11 Příspěvek od **gorefest** » 12 lis 2014 18:26

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-11-2014
Ran by Kubík at 2014-11-12 18:20:59 Run:2
Running from C:\Users\Kubík\Desktop
Loaded Profile: Kubík (Available profiles: Kubík)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-19] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-544327606-1445399380-3202246954-1000\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-544327606-1445399380-3202246954-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: G - G:\LaunchU3.exe -a
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
REG: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}" /f
CHR DefaultSearchURL: Default -> http://search.seznam.cz/?q={searchTerms}
CHR DefaultSuggestURL: Default -> http://suggest.fulltext.seznam.cz/fullt ... earchTerms}
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Kubík\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-09-25]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Kubík\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-09-25]
2014-11-10 21:20 - 2014-11-10 20:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-10 20:48 - 2014-11-10 21:27 - 00006921 _____ () C:\zoek-results.log
2014-11-10 20:44 - 2014-11-10 21:16 - 00000000 ____D () C:\zoek_backup
2014-11-10 20:43 - 2014-11-10 20:43 - 01294848 _____ () C:\Users\Kubík\Desktop\zoek.exe
2014-11-09 10:12 - 2014-11-09 10:12 - 00000000 ____D () C:\Program Files\trend micro
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Defender => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => value deleted successfully.
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => Value not found.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => value deleted successfully.
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => Value not found.
"HKU\S-1-5-21-544327606-1445399380-3202246954-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-544327606-1445399380-3202246954-1000" => Key not found.
"HKU\S-1-5-21-544327606-1445399380-3202246954-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}" => Key not found.
"HKCR\CLSID\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}" => Key deleted successfully.
C:\Program Files (x86)\Windows Live\Companion\companioncore.dll => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}" /f =========

Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.

========= End of Reg: =========

Chrome DefaultSearchURL deleted successfully.
Chrome DefaultSuggestURL deleted successfully.
C:\Users\Kubík\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd => Moved successfully.
C:\Users\Kubík\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Kubík\Desktop\zoek.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 24.5 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====

#12 Příspěvek od **altrok** » 12 lis 2014 20:53

Jak se pocitac chova ted? Porad neco na pozadi srotuje?

gorefest · #13 Příspěvek od **gorefest** » 12 lis 2014 22:34

Teď je to mnohem lepší, vlastně už nic nešrotuje.

#14 Příspěvek od **altrok** » 12 lis 2014 22:35

Takze jeste uklidime.

Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
Oznacte jen moznost "Remove disinfection tools"
kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

gorefest · #15 Příspěvek od **gorefest** » 12 lis 2014 22:41

Mockrát děkuji

VIRY.CZ

Prosím o preventivku logu

Prosím o preventivku logu

Re: Prosím o preventivku logu

Re: Prosím o preventivku logu

Re: Prosím o preventivku logu

Re: Prosím o preventivku logu

Re: Prosím o preventivku logu

Re: Prosím o preventivku logu

Re: Prosím o preventivku logu

Re: Prosím o preventivku logu

Re: Prosím o preventivku logu

Re: Prosím o preventivku logu

Re: Prosím o preventivku logu

Re: Prosím o preventivku logu

Re: Prosím o preventivku logu

Re: Prosím o preventivku logu