Please check my log (Solved)

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Post by jerabina » 04 Apr 2015 21:28

Hi, what about a log from Zoek and HiJackThis (HJT)?
When you don't know what to do next, it's time to study the manual!
HJT guide

If I don't reply to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.

Post by Leo18 » 05 Apr 2015 11:12

Hi, I'm sorry, I can't manage to download Zoek, it keeps reporting an error, the download keeps failing :( I don't know what to do :(

Post by jaro3 » 05 Apr 2015 11:34

Deactivate your antivirus and firewall before downloading.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Don't send logs via private messages. While I'm away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Post by Leo18 » 05 Apr 2015 12:21

Zoek.exe v5.0.0.0 Updated 02-April-2015
Tool run by Zdeněk on ne 05.04.2015 at 11:28:40,71.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ZDENK~1\Desktop\zoek\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-04-04-160811.log 28898 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\sbegd9rh.default\prefs.js:

Added to C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\sbegd9rh.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\MULTIM~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\MULTIM~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\MULTIM~1\AppData\Roaming\Mozilla\Firefox\Profiles\n9071zb8.default-1370150688715\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\MULTIM~1\AppData\Roaming\Mozilla\Firefox\Profiles\n9071zb8.default-1370150688715\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\jqvdt89e.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz/");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\jqvdt89e.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Users\ZDENK~1\.android deleted
C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-3348947890-1879374955-3345096279-1000 deleted
C:\Windows\system32\config\systemprofile\Searches deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\sbegd9rh.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\MULTIM~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\MULTIM~1\AppData\Roaming\Mozilla\Firefox\Profiles\n9071zb8.default-1370150688715
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\jqvdt89e.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [10.02.2015 16:06]

==== Firefox Extensions ======================

ProfilePath: C:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\jqvdt89e.default
- Undetermined - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\jqvdt89e.default\extensions\toolbar@centrumholdings.com
- Lita Centrum.cz - %ProfilePath%\extensions\toolbar@centrumholdings.com

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 41.0.2272.118 (Latest Stable version: 41.0.2272.118)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[17.12.2014 19:53]

Avast Online Security - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Avast Online Security - ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

==== Chromium Startpages ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Preferences
"startup_urls": [ "http://www.google.com/" ]

C:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Preferences
"startup_urls": [ "http://www.google.com/" ]


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Users\ZDENK~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\ZDENK~1\AppData\Local\Mozilla\Firefox\Profiles\jqvdt89e.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=28 folders=14 7381896 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Guest\AppData\Local\Temp emptied successfully
C:\Users\ZDENK~1\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ZDENK~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 05.04.2015 at 12:18:47,21 ======================

Post by Leo18 » 05 Apr 2015 12:21

Managed it now.. :)

Post by Leo18 » 05 Apr 2015 12:23

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:23:06, on 5.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\notepad.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Samsung\MagicKBD\MagicKBD.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Users\Zdeněk\Desktop\Zdeny\čištění Pc\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 4110 bytes

Post by Leo18 » 05 Apr 2015 12:32

No problems, the PC is fine...
Thank you :)

Post by jerabina » 05 Apr 2015 13:33

Close other programs/browsers, disconnect from the internet and fix the following in HJT:
GUIDE

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')


Clean the computer with CCleaner

Download DelFix here
https://toolslib.net/downloads/viewdownload/2-delfix/

Save the file to your desktop.
Double-click the icon to run the Delfix.exe tool.
(In Windows Vista, Windows 7 and 8, you must run the file by right-clicking it -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools and Purge System Restore.
Then click the Run button and let the tool do its work.

A report (DelFix.txt) will then open. Paste the entire contents of the report here. Otherwise the report is located here:
C:\DelFix.txt

If there are no problems, that's all and you can mark the topic as solved - the green "check mark" :-)

Post by Leo18 » 05 Apr 2015 16:54

# DelFix v10.9 - Logfile created 05/04/2015 at 16:53:05
# Updated 27/02/2015 by Xplode
# Username : Zdeněk - ZDENEK-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\AdwCleaner

~ Cleaning system restore ...

Deleted : RP #96 [Windows Update | 03/17/2015 08:45:37]
Deleted : RP #97 [Windows Update | 03/20/2015 11:56:00]
Deleted : RP #98 [Windows Update | 03/24/2015 08:58:07]
Deleted : RP #99 [Windows Update | 03/26/2015 07:57:01]
Deleted : RP #100 [Windows Update | 03/27/2015 06:32:54]
Deleted : RP #101 [Windows Update | 03/31/2015 12:49:36]
Deleted : RP #102 [Windows Update | 04/04/2015 21:39:29]

New restore point created !

########## - EOF - ##########
# DelFix v10.9 - Logfile created 05/04/2015 at 16:52:15
# Updated 27/02/2015 by Xplode
# Username : Zdeněk - ZDENEK-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2015-04-04-160811.log
Deleted : C:\Users\Zdeněk\Desktop\JRT.txt
Deleted : C:\Users\Zdeněk\Desktop\zoek.zip
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########

Post by Leo18 » 05 Apr 2015 16:59

Everything OK :) thank you :)
