
Two logs

Posted: 07 Nov 2016 13:44
by Zikys
Hello, please check these two logs. The first is from RogueKiller and the second from AdwCleaner.

Code:

RogueKiller V12.7.5.0 [Oct 31 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : Zikys [Práva správce]
Started from : C:\Users\Zikys\Desktop\RogueKiller.exe
Mód : Prohledat -- Datum : 11/07/2016 12:00:49 (Duration : 00:51:22)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 34 ¤¤¤
[PUP] HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} (C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_2_0.dll) -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{1147DC83-6208-4dca-8E88-DD45BAAB3043} (C:\Program Files\Yahoo!\Companion\Installs\cpn0\pubmod.dll) -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5} (C:\Program Files\Yahoo!\Companion\Installs\cpn0\ypubc.dll) -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C} (C:\Program Files\Yahoo!\Companion\Installs\cpn0\ypubc.dll) -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1} (C:\Program Files\Yahoo!\Companion\Installs\cpn0\ypubc.dll) -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} (C:\PROGRA~1\IObit\ADVANC~1\SURFIN~1\BROWER~1\ASCPLU~1.DLL) -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC} (C:\Program Files\Yahoo!\Companion\Installs\cpn0\ypubc.dll) -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} (C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_2_0.dll) -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\Yahoo.PopupBlockerPlugin -> Nalezeno
[PUP] HKEY_USERS\.DEFAULT\Software\AVG Secure Search -> Nalezeno
[PUP] HKEY_USERS\S-1-5-21-3394997470-964147142-4037502327-1000\Software\IGearSettings -> Nalezeno
[PUP] HKEY_USERS\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Mail.Ru -> Nalezeno
[PUP] HKEY_USERS\S-1-5-21-3394997470-964147142-4037502327-1000\Software\SetMyHomepage -> Nalezeno
[PUP] HKEY_USERS\S-1-5-18\Software\AVG Secure Search -> Nalezeno
[PUP] HKEY_USERS\.DEFAULT\Software\AppDataLow\Toolbar -> Nalezeno
[PUP] HKEY_USERS\S-1-5-21-3394997470-964147142-4037502327-1000\Software\AppDataLow\Toolbar -> Nalezeno
[PUP] HKEY_USERS\S-1-5-18\Software\AppDataLow\Toolbar -> Nalezeno
[PUP] HKEY_USERS\S-1-5-21-3394997470-964147142-4037502327-1000\Software\AppDataLow\Software\Mail.Ru -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} (C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_2_0.dll) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} (C:\PROGRA~1\IObit\ADVANC~1\SURFIN~1\BROWER~1\ASCPLU~1.DLL) -> Nalezeno
[PUP] HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {EF99BD32-C1FB-11D2-892F-0090271D4F88} :  (C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_2_0.dll)  -> Nalezeno
[PUP] HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} :   -> Nalezeno
[PUP] HKEY_USERS\S-1-5-21-3394997470-964147142-4037502327-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} :   -> Nalezeno
[PUP] HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {EF99BD32-C1FB-11D2-892F-0090271D4F88} :  (C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_2_0.dll)  -> Nalezeno
[PUP] HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} :   -> Nalezeno
[PUM.HomePage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://isearch.avg.com?cid={137AFC28-A645-4E98-8CEA-ADB295854AA7}&mid=24e693f0d18647d194a43120d393f5c4-ea00e829ffd21ae1a1b06f603638b8956d215046&lang=&ds=&coid=&cmpid=&pr=&d=&v=18.3.0.885&pid=avg&sg=&sap=hp  -> Nalezeno
[PUM.HomePage] HKEY_USERS\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\Main | Start Page : seznam.cz  -> Nalezeno
[PUM.HomePage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://isearch.avg.com?cid={137AFC28-A645-4E98-8CEA-ADB295854AA7}&mid=24e693f0d18647d194a43120d393f5c4-ea00e829ffd21ae1a1b06f603638b8956d215046&lang=&ds=&coid=&cmpid=&pr=&d=&v=18.3.0.885&pid=avg&sg=&sap=hp  -> Nalezeno
[PUM.HomePage] HKEY_USERS\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://qip.ru  -> Nalezeno
[PUM.SearchPage] HKEY_USERS\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://terra.im/  -> Nalezeno
[PUM.SearchPage] HKEY_USERS\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : http://terra.im/  -> Nalezeno
[PUM.SearchPage] HKEY_USERS\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : http://search.qip.ru  -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 5 ¤¤¤
[PUP][Složka] C:\Users\Zikys\AppData\Roaming\Enigma -> Nalezeno
[PUP][Složka] C:\Users\Zikys\AppData\Local\PackageAware -> Nalezeno
[PUP][Složka] C:\Program Files\Application Updater -> Nalezeno
[PUP][Složka] C:\Program Files\Conduit -> Nalezeno
[PUP][Složka] C:\Program Files\Yahoo!\Companion -> Nalezeno

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUP][CHROME:Addon] Default : Ads Removal [fopdddcinljmpmioaklghcalngfhbaen] -> Nalezeno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD6400AAKS-00H2B0 ATA Device +++++
--- User ---
[MBR] 16d99cd833c12a1c0aa88e6165984538
[BSP] b1a197667c952a71de243a9d5ceb3b49 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 610378 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WD Elements 10B8 USB Device +++++
--- User ---
[MBR] 404653f280bddc881b80610be269e9b9
[BSP] 060141710ad51f106af5b3b666b43b68 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476907 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive2: WD 5000BEV External USB Device +++++
--- User ---
[MBR] 63fe7554c9e0d782ed90cfe1085ae802
[BSP] 970b166c5877f1a51d9189bd896c811c : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476939 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

Code:

# AdwCleaner v6.030 - Log soubor vytvořen 07/11/2016 na 13:35:58
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-07.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X86)
# Uživatelské jméno : Zikys - Zikys-PC
# Beží od : C:\Users\Zikys\Desktop\adwcleaner_6.030.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

Nebyly nalezeny žádné škodlivé služby.


***** [ Adresáře ] *****

Složka nalezena: C:\Users\Zikys\AppData\Roaming\newSI_23
Složka nalezena: C:\Users\Zikys\AppData\Local\PackageAware
Složka nalezena: C:\Program Files\Application Updater
Složka nalezena: C:\Program Files\Conduit
Složka nalezena: C:\Program Files\IObit Apps Toolbar
Složka nalezena: C:\Program Files\Yahoo!\Companion
Složka nalezena: C:\Program Files\Common Files\freemake shared
Složka nalezena: C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater
Složka nalezena: C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search


***** [ Soubory ] *****

Soubor nalezen: C:\user.js
Soubor nalezen: C:\prefs.js


***** [ DLL ] *****

Nebyly nalezeny žádné škodlivé DLL soubory.


***** [ WMI ] *****

Nebyly nalezeny žádné škodlivé klíče.


***** [ Zástupce ] *****

Žádné infikovaný zástupce nenalezen.


***** [ Plánovač úloh ] *****

Žádný nebezpečná úloha nenalezena. 


***** [ Registry ] *****

Hodnota nalezena: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ProductUpdater]
Klíč nalezen: HKLM\SOFTWARE\Classes\Yahoo.PopupBlockerPlugin
Klíč nalezen: HKLM\SOFTWARE\Classes\Yahoo.PopupBlockerPlugin.4
Klíč nalezen: HKLM\SOFTWARE\Classes\YPUBC.BlockerCtrl
Klíč nalezen: HKLM\SOFTWARE\Classes\YPUBC.BlockerCtrl.1
Klíč nalezen: HKLM\SOFTWARE\Classes\YPUBC.DataStore
Klíč nalezen: HKLM\SOFTWARE\Classes\YPUBC.DataStore.1
Klíč nalezen: HKLM\SOFTWARE\Classes\YPUBC.PUBHTMLEventHandler
Klíč nalezen: HKLM\SOFTWARE\Classes\YPUBC.PUBHTMLEventHandler.1
Klíč nalezen: HKLM\SOFTWARE\Classes\YPUBC.StringList
Klíč nalezen: HKLM\SOFTWARE\Classes\YPUBC.StringList.1
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\{FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{1147DC83-6208-4dca-8E88-DD45BAAB3043}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{2723E96B-905F-4C64-8999-D868A08E6370}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}
Klíč nalezen: HKLM\SOFTWARE\Classes\TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}
Klíč nalezen: HKLM\SOFTWARE\Classes\TypeLib\{8A1AB044-787D-4309-8410-709768E484AB}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Klíč nalezen: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíč nalezen: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč nalezen: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Klíč nalezen: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Klíč nalezen: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíč nalezen: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč nalezen: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Klíč nalezen: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Hodnota nalezena: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Hodnota nalezena: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Hodnota nalezena: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Klíč nalezen: HKU\.DEFAULT\Software\AVG Secure Search
Klíč nalezen: HKU\.DEFAULT\Software\Yahoo\Companion
Klíč nalezen: HKU\.DEFAULT\Software\AppDataLow\Toolbar
Klíč nalezen: HKU\.DEFAULT\Software\AppDataLow\Software\IObit Apps
Klíč nalezen: HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\IGearSettings
Klíč nalezen: HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\IObit Apps
Klíč nalezen: HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\SetMyHomePage
Klíč nalezen: HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Yahoo\Companion
Klíč nalezen: HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Yahoo\YFriendsBar
Klíč nalezen: HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Mail.Ru
Klíč nalezen: HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\AppDataLow\Toolbar
Klíč nalezen: HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\AppDataLow\Software\IObit Apps
Klíč nalezen: HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\AppDataLow\Software\Mail.Ru
Klíč nalezen: HKU\S-1-5-18\Software\AVG Secure Search
Klíč nalezen: HKU\S-1-5-18\Software\Yahoo\Companion
Klíč nalezen: HKU\S-1-5-18\Software\AppDataLow\Toolbar
Klíč nalezen: HKU\S-1-5-18\Software\AppDataLow\Software\IObit Apps
Klíč nalezen: HKCU\Software\IGearSettings
Klíč nalezen: HKCU\Software\IObit Apps
Klíč nalezen: HKCU\Software\SetMyHomePage
Klíč nalezen: HKCU\Software\Yahoo\Companion
Klíč nalezen: HKCU\Software\Yahoo\YFriendsBar
Klíč nalezen: HKCU\Software\Mail.Ru
Klíč nalezen: HKCU\Software\AppDataLow\Toolbar
Klíč nalezen: HKCU\Software\AppDataLow\Software\IObit Apps
Klíč nalezen: HKCU\Software\AppDataLow\Software\Mail.Ru
Klíč nalezen: HKLM\SOFTWARE\IObit Apps
Klíč nalezen: HKLM\SOFTWARE\Yahoo\Companion
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Data nalezena: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://isearch.avg.com?cid={137AFC28-A645-4E98-8CEA-ADB295854AA7}&mid=24e693f0d18647d194a43120d393f5c4-ea00e829ffd21ae1a1b06f60363
Data nalezena: HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://isearch.avg.com/?cid={7149999F-7152-4A04-8AE3-8E20743B6FDA}&mid=24e693f0d18
Data nalezena: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://isearch.avg.com?cid={137AFC28-A645-4E98-8CEA-ADB295854AA7}&mid=24e693f0d18647d194a43120d393f5c4-ea00e829ffd21ae1a1b06f60363
Data nalezena: HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://isearch.avg.com/?cid={7149999F-7152-4A04-8AE3-8E20743B6FDA}&mid=24e693f0d18647d194a43120d393f5c4-ea00e829ffd21ae1a1b06f6
Klíč nalezen: HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data nalezena: HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - 
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data nalezena: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - 
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.avg.com
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\YPUBC.DLL


***** [ Internetové prohlížeče ] *****

Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox báze.
Nebyly nalezeny žádné škodlivé položky prohlížeče Chromium báze.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [10845 Bajtů] - [07/11/2016 13:35:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10920 Bajtů] ##########

Re: Two logs

Posted: 07 Nov 2016 18:16
by Rudy
Hello!
Remove everything ADW found by clicking delete. If there is a problem, say what it is and post an FRST log: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

Re: Two logs

Posted: 07 Nov 2016 18:57
by Zikys
I used AdwCleaner to clean the files it found, then restarted the computer, and this log was displayed.

Code:

# AdwCleaner v6.030 - Log soubor vytvořen 07/11/2016 na 18:23:34
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-07.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X86)
# Uživatelské jméno : Pavel - PAVEL-PC
# Beží od : C:\Users\Pavel\Desktop\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Adresáře ] *****

[-] Adresář smazán:C:\Users\Pavel\AppData\Roaming\newSI_23
[-] Adresář smazán:C:\Users\Pavel\AppData\Local\PackageAware
[-] Adresář smazán:C:\Program Files\Application Updater
[-] Adresář smazán:C:\Program Files\Conduit
[-] Adresář smazán:C:\Program Files\IObit Apps Toolbar
[-] Adresář smazán:C:\Program Files\Yahoo!\Companion
[-] Adresář smazán:C:\Program Files\Common Files\freemake shared
[-] Adresář smazán:C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater
[-] Adresář smazán:C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search


***** [ Soubory ] *****

[-] Soubor smazán:C:\user.js
[-] Soubor smazán:C:\prefs.js


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Hodnota smazána:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ProductUpdater]
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Yahoo.PopupBlockerPlugin
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Yahoo.PopupBlockerPlugin.4
[-] Klíč smazán:HKLM\SOFTWARE\Classes\YPUBC.BlockerCtrl
[-] Klíč smazán:HKLM\SOFTWARE\Classes\YPUBC.BlockerCtrl.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\YPUBC.DataStore
[-] Klíč smazán:HKLM\SOFTWARE\Classes\YPUBC.DataStore.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\YPUBC.PUBHTMLEventHandler
[-] Klíč smazán:HKLM\SOFTWARE\Classes\YPUBC.PUBHTMLEventHandler.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\YPUBC.StringList
[-] Klíč smazán:HKLM\SOFTWARE\Classes\YPUBC.StringList.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\AppID\{FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{1147DC83-6208-4dca-8E88-DD45BAAB3043}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{2723E96B-905F-4C64-8999-D868A08E6370}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\TypeLib\{8A1AB044-787D-4309-8410-709768E484AB}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Klíč smazán:HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Klíč smazán:HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč smazán:HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Klíč smazán:HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč smazán:HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Klíč smazán:HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč smazán:HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Klíč smazán:HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Hodnota smazána:HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Hodnota smazána:HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
[-] Hodnota smazána:HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Klíč smazán:HKU\.DEFAULT\Software\AVG Secure Search
[-] Klíč smazán:HKU\.DEFAULT\Software\Yahoo\Companion
[-] Klíč smazán:HKU\.DEFAULT\Software\AppDataLow\Toolbar
[-] Klíč smazán:HKU\.DEFAULT\Software\AppDataLow\Software\IObit Apps
[-] Klíč smazán:HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\IGearSettings
[-] Klíč smazán:HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\IObit Apps
[-] Klíč smazán:HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\SetMyHomePage
[-] Klíč smazán:HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Yahoo\Companion
[-] Klíč smazán:HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Yahoo\YFriendsBar
[-] Klíč smazán:HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Mail.Ru
[-] Klíč smazán:HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\AppDataLow\Toolbar
[-] Klíč smazán:HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\AppDataLow\Software\IObit Apps
[-] Klíč smazán:HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\AppDataLow\Software\Mail.Ru
[#] Klíč smazán po restartování:HKU\S-1-5-18\Software\AVG Secure Search
[#] Klíč smazán po restartování:HKU\S-1-5-18\Software\Yahoo\Companion
[#] Klíč smazán po restartování:HKU\S-1-5-18\Software\AppDataLow\Toolbar
[#] Klíč smazán po restartování:HKU\S-1-5-18\Software\AppDataLow\Software\IObit Apps
[#] Klíč smazán po restartování:HKCU\Software\IGearSettings
[#] Klíč smazán po restartování:HKCU\Software\IObit Apps
[#] Klíč smazán po restartování:HKCU\Software\SetMyHomePage
[#] Klíč smazán po restartování:HKCU\Software\Yahoo\Companion
[#] Klíč smazán po restartování:HKCU\Software\Yahoo\YFriendsBar
[#] Klíč smazán po restartování:HKCU\Software\Mail.Ru
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Toolbar
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Software\IObit Apps
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Software\Mail.Ru
[-] Klíč smazán:HKLM\SOFTWARE\IObit Apps
[-] Klíč smazán:HKLM\SOFTWARE\Yahoo\Companion
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
[-] Data obnovena:HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Start Page] 
[-] Data obnovena:HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] 
[-] Data obnovena:HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Start Page] 
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] 
[-] Klíč smazán:HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data obnovena:HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.avg.com
[-] Klíč smazán:HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Klíč smazán:HKLM\SOFTWARE\Classes\AppID\YPUBC.DLL


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [10731 Bajtů] - [07/11/2016 18:23:34]
C:\AdwCleaner\AdwCleaner[S0].txt - [11001 Bajtů] - [07/11/2016 13:35:58]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [10881 Bajtů] ##########
The problem with Browser Modifier still persists.

I have run another FRST scan; the logs are available for download below.

Re: Two logs

Posted: 07 Nov 2016 19:49
by Rudy
I get an error when opening the files in the archive.
Zikys wrote: The problem with Browser Modifier still persists.
You don't mention it anywhere here. What is it about?

Re: Two logs

Posted: 07 Nov 2016 20:08
by Zikys
As has happened to several other users, I am no exception either. That is also why I first tried several of these cleaning applications against the junk on the computer.

This is the problem. Sorry.

[Image]

Opening the log should now work fine. Compressed with WinRAR.

Re: Two logs

Posted: 07 Nov 2016 21:22
by Rudy
Open Notepad and copy the following into it:
Start
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\...\MountPoints2: E - E:\setup.exe
AppInit_DLLs: 4x-xőqÜÉvb => No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://terra.im/
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://qip.ru
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://terra.im/
SearchScopes: HKLM -> DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {95289393-33EA-4F8D-B952-483415B9C955} URL = hxxp://search.qip.ru/?query={searchTerms}
SearchScopes: HKU\S-1-5-21-3394997470-964147142-4037502327-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={7149999F-7152-4A04-8AE3-8E20743B6FDA}&mid=24e693f0d18647d194a43120d393f5c4-ea00e829ffd21ae1a1b06f603638b8956d215046&lang=cs&ds=AVG&pr=pr&d=2012-07-28 17:11:17&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3394997470-964147142-4037502327-1000 -> {4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE} URL = hxxp://terra.im/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3394997470-964147142-4037502327-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={7149999F-7152-4A04-8AE3-8E20743B6FDA}&mid=24e693f0d18647d194a43120d393f5c4-ea00e829ffd21ae1a1b06f603638b8956d215046&lang=cs&ds=AVG&pr=pr&d=2012-07-28 17:11:17&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3394997470-964147142-4037502327-1000 -> {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = hxxp://search.qip.ru/search?query={searchTerms}&from=IE
S3 cpuz135; no ImagePath
S3 TuneUpUtilitiesDrv; no ImagePath
C:\Windows\system32\Drivers\4DB173CE.sys
C:\Windows\system32\Drivers\55496944.sys
C:\Windows\system32\Drivers\7CC11D70.sys
C:\Windows\system32\Drivers\16E40BEC.sys
C:\Windows\system32\Drivers\496A6CD4.sys
C:\Windows\system32\Drivers\4ECF64D4.sys
C:\Windows\system32\Drivers\72D373A6.sys
C:\Windows\system32\Drivers\2C7C39CD.sys
C:\Windows\system32\Drivers\1FD2160F.sys
C:\Windows\system32\Drivers\13D57834.sys
C:\Windows\system32\Drivers\61C15687.sys
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3394997470-964147142-4037502327-1000UA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3394997470-964147142-4037502327-1000Core.job
C:\ProgramData\mntemp
C:\Users\Pavel\AppData\Local\Temp
Task: {179A630E-BF37-4B5F-B6A0-94CA48C6B0E8} - \ASC9_PerformanceMonitor -> No File <==== ATTENTION
Task: {89B2219B-EE34-4BC7-B1BF-76F5A1E1F991} - \ASC9_SkipUac_Pavel -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:39413AC3 [127]
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: Two logs

Posted: 07 Nov 2016 21:40
by Zikys
Done, here is the resulting log.

Code: Select all

Fix result of Farbar Recovery Scan Tool (x86) Version: 06-11-2016
Ran by Pavel (07-11-2016 21:25:59) Run:1
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel (Available Profiles: Pavel)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\...\MountPoints2: E - E:\setup.exe
AppInit_DLLs: 4x-xőqÜÉvb => No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://terra.im/
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://qip.ru
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://terra.im/
SearchScopes: HKLM -> DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {95289393-33EA-4F8D-B952-483415B9C955} URL = hxxp://search.qip.ru/?query={searchTerms}
SearchScopes: HKU\S-1-5-21-3394997470-964147142-4037502327-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={7149999F-7152-4A04-8AE3-8E20743B6FDA}&mid=24e693f0d18647d194a43120d393f5c4-ea00e829ffd21ae1a1b06f603638b8956d215046&lang=cs&ds=AVG&pr=pr&d=2012-07-28 17:11:17&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3394997470-964147142-4037502327-1000 -> {4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE} URL = hxxp://terra.im/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3394997470-964147142-4037502327-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={7149999F-7152-4A04-8AE3-8E20743B6FDA}&mid=24e693f0d18647d194a43120d393f5c4-ea00e829ffd21ae1a1b06f603638b8956d215046&lang=cs&ds=AVG&pr=pr&d=2012-07-28 17:11:17&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3394997470-964147142-4037502327-1000 -> {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = hxxp://search.qip.ru/search?query={searchTerms}&from=IE
S3 cpuz135; no ImagePath
S3 TuneUpUtilitiesDrv; no ImagePath
C:\Windows\system32\Drivers\4DB173CE.sys
C:\Windows\system32\Drivers\55496944.sys
C:\Windows\system32\Drivers\7CC11D70.sys
C:\Windows\system32\Drivers\16E40BEC.sys
C:\Windows\system32\Drivers\496A6CD4.sys
C:\Windows\system32\Drivers\4ECF64D4.sys
C:\Windows\system32\Drivers\72D373A6.sys
C:\Windows\system32\Drivers\2C7C39CD.sys
C:\Windows\system32\Drivers\1FD2160F.sys
C:\Windows\system32\Drivers\13D57834.sys
C:\Windows\system32\Drivers\61C15687.sys
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3394997470-964147142-4037502327-1000UA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3394997470-964147142-4037502327-1000Core.job
C:\ProgramData\mntemp
C:\Users\Pavel\AppData\Local\Temp
Task: {179A630E-BF37-4B5F-B6A0-94CA48C6B0E8} - \ASC9_PerformanceMonitor -> No File <==== ATTENTION
Task: {89B2219B-EE34-4BC7-B1BF-76F5A1E1F991} - \ASC9_SkipUac_Pavel -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:39413AC3 [127]
End
*****************

"HKU\S-1-5-21-3394997470-964147142-4037502327-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E" => key removed successfully.
"4x-xőqÜÉvb" => Value data removed successfully..
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully.
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}" => key removed successfully.
HKCR\CLSID\{95289393-33EA-4F8D-B952-483415B9C955} => key not found. 
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\S-1-5-21-3394997470-964147142-4037502327-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE}" => key removed successfully.
HKCR\CLSID\{4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE} => key not found. 
"HKU\S-1-5-21-3394997470-964147142-4037502327-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => key removed successfully.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found. 
"HKU\S-1-5-21-3394997470-964147142-4037502327-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}" => key removed successfully.
HKCR\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} => key not found. 
cpuz135 => service removed successfully.
TuneUpUtilitiesDrv => service removed successfully.
C:\Windows\system32\Drivers\4DB173CE.sys => moved successfully
C:\Windows\system32\Drivers\55496944.sys => moved successfully
C:\Windows\system32\Drivers\7CC11D70.sys => moved successfully
C:\Windows\system32\Drivers\16E40BEC.sys => moved successfully
C:\Windows\system32\Drivers\496A6CD4.sys => moved successfully
C:\Windows\system32\Drivers\4ECF64D4.sys => moved successfully
C:\Windows\system32\Drivers\72D373A6.sys => moved successfully
C:\Windows\system32\Drivers\2C7C39CD.sys => moved successfully
C:\Windows\system32\Drivers\1FD2160F.sys => moved successfully
C:\Windows\system32\Drivers\13D57834.sys => moved successfully
C:\Windows\system32\Drivers\61C15687.sys => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3394997470-964147142-4037502327-1000UA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3394997470-964147142-4037502327-1000Core.job => moved successfully
C:\ProgramData\mntemp => moved successfully

"C:\Users\Pavel\AppData\Local\Temp" folder move:

Could not move "C:\Users\Pavel\AppData\Local\Temp" => Scheduled to move on reboot.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{179A630E-BF37-4B5F-B6A0-94CA48C6B0E8}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{179A630E-BF37-4B5F-B6A0-94CA48C6B0E8}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC9_PerformanceMonitor" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89B2219B-EE34-4BC7-B1BF-76F5A1E1F991}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89B2219B-EE34-4BC7-B1BF-76F5A1E1F991}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC9_SkipUac_Pavel" => key removed successfully.
C:\ProgramData\TEMP => ":39413AC3" ADS removed successfully..

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 07-11-2016 21:32:29)

C:\Users\Pavel\AppData\Local\Temp => moved successfully

==== End of Fixlog 21:32:30 ====

Re: Two logs

Posted: 07 Nov 2016 21:45
by Rudy
Deleted. Has anything changed?

Re: Two logs

Posted: 07 Nov 2016 22:27
by Zikys
Unfortunately, the problem persists.

Re: Two logs

Posted: 07 Nov 2016 22:45
by Rudy
We'll run FRST once more with this script:
Start
c:\Users\Pavel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<.

Re: Two logs

Posted: 07 Nov 2016 22:51
by Zikys

Code: Select all

Fix result of Farbar Recovery Scan Tool (x86) Version: 06-11-2016
Ran by Pavel (07-11-2016 22:47:57) Run:2
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel (Available Profiles: Pavel)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
c:\Users\Pavel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
End
*****************

c:\Users\Pavel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => moved successfully

==== End of Fixlog 22:47:57 ====
Yeah, this parameter has turned it off for now. I'll see how it goes. At the moment it's not popping up on my taskbar.

Re: Two logs

Posted: 08 Nov 2016 19:02
by Rudy
OK. I'll leave this open for now.

Re: Two logs

Posted: 09 Nov 2016 12:04
by Zikys
The trouble has gone away now. Thanks for the help.

Re: Two logs

Posted: 09 Nov 2016 18:07
by Rudy
Glad to hear it. You're welcome! :)