Prosím o kontrolu logu - seká se notebook

[fandam007]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:07:49, on 25.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe
C:\windows\system32\taskhost.exe
C:\windows\Explorer.exe
C:\windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
C:\ExpressGateUtil\VAWinAgent.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\WebcamMax\wcmmon.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files\Jet Screenshot\jetScreenshot.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14672
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: My WebcamMax Toolbar - {9e35e959-d723-4b5f-9207-2a94f8ab9068} - C:\Program Files\My_WebcamMax\tbMy_W.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: My WebcamMax Toolbar - {9e35e959-d723-4b5f-9207-2a94f8ab9068} - C:\Program Files\My_WebcamMax\tbMy_W.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O2 - BHO: Windows 7 Starter Helper - {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - C:\Program Files\Oceanis\SystemSetting\StarterHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: My WebcamMax Toolbar - {9e35e959-d723-4b5f-9207-2a94f8ab9068} - C:\Program Files\My_WebcamMax\tbMy_W.dll
O4 - HKLM\..\Run: [GfxServiceInstall] C:\windows\system32\GfxCUIServiceInstall.vbs
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\ASUS\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [LiveUpdate] AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
O4 - HKLM\..\Run: [CapsHook] AsusSender.exe C:\Program Files\ASUS\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
O4 - HKLM\..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"
O4 - HKLM\..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Jana\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Jet Screenshot] "C:\Program Files\Jet Screenshot\jetScreenshot.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jana\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files\Asus\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\InstantOn for EPC\InsOnSrv.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\windows\system32\AsusService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\windows\System32\ssins.exe
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe

--
End of file - 11633 bytes

[Reklama]

[guest]

Si děláš pr...., že to tu máš 4x ?

[Vikinic]

Už pětkrát

[fandam007]

Omlouvám se, sekl se mi notebook a já na to asi 4x kliknul. Nechám tu jen toto a ty ostatní označím za vyřesené.

[fandam007]

Tak a je to, ještě jednou se omlouvám.

[jaro3]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

[fandam007]

Tady je log z adwCleaneru:

# AdwCleaner v3.009 - Report created 20/10/2013 at 17:21:08
# Updated 19/10/2013 by Xplode
# Operating System : Windows 7 Starter Service Pack 1 (32 bits)
# Username : Jana - MININOTAS
# Running from : C:\Users\Jana\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Program Files\My_WebcamMax
Folder Deleted : C:\Users\Jana\AppData\Local\apn
File Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\mvo7k138.default\invalidprefs.js
File Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\mvo7k138.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\mvo7k138.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_angry-birds-theme_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_angry-birds-theme_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9E35E959-D723-4B5F-9207-2A94F8AB9068}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E35E959-D723-4B5F-9207-2A94F8AB9068}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9E35E959-D723-4B5F-9207-2A94F8AB9068}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E35E959-D723-4B5F-9207-2A94F8AB9068}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{9E35E959-D723-4B5F-9207-2A94F8AB9068}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{9E35E959-D723-4B5F-9207-2A94F8AB9068}]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\My_WebcamMax
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\My_WebcamMax
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\My WebcamMax Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v17.0.1 (cs)

[ File : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\mvo7k138.default\prefs.js ]

Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://eu.ask.com/?l=dis&o=14672");

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3896 octets] - [20/10/2013 16:49:11]
AdwCleaner[S0].txt - [3865 octets] - [20/10/2013 17:21:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3925 octets] ##########

[fandam007]

Tady je log z MbAM:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.20.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16721
Jana :: MININOTAS [administrátor]

Ochrana: Povolena

20.10.2013 20:39:01
MBAM-log-2013-10-20 (21-24-22).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 218322
Uplynulý čas: 43 minut, 4 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\Users\Jana\Downloads\SoftonicDownloader_for_angry-birds-theme.exe (PUP.Optional.Softonic.A) -> Nebyla provedena žádná instrukce.
C:\Users\Public\Desktop\MP3 Downloader.lnk (Rogue.Link) -> Nebyla provedena žádná instrukce.

(konec)

[Orcus]

No v Adw jsi naštěstí nesmazal nic důležitýho ale příště nejdřív log a pak až budem mazat. OK USA?

Znovu spusť MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

====================================================

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

====================================================

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

[fandam007]

Log číslo 2 z mbam:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.26.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16721
Jana :: MININOTAS [administrátor]

Ochrana: Povolena

26.10.2013 21:41:38
mbam-log-2013-10-26 (21-41-38).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 219561
Uplynulý čas: 34 minut, 1 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\Users\Jana\Downloads\SoftonicDownloader_for_angry-birds-theme.exe (PUP.Optional.Softonic.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Public\Desktop\MP3 Downloader.lnk (Rogue.Link) -> Přesun do karantény a smazání se zdařilo.

(konec)

[jaro3]

A Junkware Removal Tool? TDSSKiller?

+
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[fandam007]

Vše si stáhnu a nechám to prohledat. Tady je log z JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Starter x86
Ran by Jana on ne 27.10.2013 at 9:49:09,75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7CD59B26-5079-41DD-A1C7-B40AA4A9BA28}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{00F0BEE6-1552-4DD4-9D55-D0733216E0F2}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{02F9DFA6-E074-434C-8DB1-413C0D50BC5A}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{046EDFDE-DD69-4FE1-8E58-9314CC93CD5D}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{08BC783C-5583-4200-8FD6-24543B3E1255}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{12F54794-0E8A-46F8-9BEC-B5432B017826}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{14C5BCD0-6BC7-48DF-9D99-096931C127FC}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{1B556DF8-6566-4BD5-9519-E2E0EC40D578}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{1CC5AC7C-7535-4B8E-9469-176C9892C163}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{1EF65A94-4AF6-49DD-809B-D3BB63C2DF54}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{1F1ADAC5-AA26-4012-80C5-798E41292ED2}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{22234065-1A46-4183-BDAB-90C76C9CE432}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{2262E551-E3E7-4395-B80C-53B405B6260A}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{2ADD4702-C9FA-4579-A15D-788691A19B7A}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{2AE7FC2B-D586-4C62-9196-857BE6E7549C}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{30DCF4AB-2C88-4B88-9C46-5389E3DE3BF0}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{337FA595-EAF2-4788-85FD-D6ED6D65F7CB}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{343729F9-C0DA-46D7-B167-1F6A5393764B}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{3506A185-971F-4D47-9CA9-787D03218530}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{36C938E9-2CFA-4D41-8F11-AF57E05BECA9}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{3F248C3D-772C-4C30-B721-3C2CDBD9A1F5}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{43288E82-6EC5-4222-991E-45E1FF7231B5}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{48253573-1FF2-41C9-A323-C8740E0FCC1E}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{4A631535-6D22-4604-BBAC-ED36E0931E86}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{4B017180-98F9-40A2-ACB4-3C3D24AFF128}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{4D606CF6-6835-4D7D-A7DA-8DCFF42B8827}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{4EC1DB18-A74F-4A95-B983-0C103609CA4E}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{4FFDE9D2-71F4-4278-A1A8-BF670AC098F3}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{5583864D-FAFE-4877-A610-487F9FA4E699}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{5A6C2F61-FCF8-4EA2-BA24-479335275B9E}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{5AF26B3B-E641-4F70-A881-9BD1A71A04EC}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{5C928932-DDCA-4D35-AF10-3DC9C2CAA622}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{5E5D6689-0D13-43EE-9020-4273E4084149}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{5EE8B5C5-58E2-4729-8989-A59001BC65D3}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{61D914E9-B9CD-4BDD-B687-FF1BF584C4E2}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{63FBFB0C-3273-46A6-BA23-CD461A98959F}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{641282FA-1846-4676-8F5C-93947996F59E}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{6BF76BEC-6B3C-4ED8-8C66-B159BBF0D40E}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{6FAA4FA4-AC5A-4BDA-B751-2425C8884449}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{74F814A5-4FB3-4306-9716-0EB5F89A2041}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{79999F3A-5B06-4ABD-B080-653D9A2632B8}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{7A729B19-0DE2-468D-B91B-DF3903B37AC2}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{7B3C515D-C036-41A4-9176-F8B030021A26}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{7B98A815-B3F1-469A-9A2B-8926A3DF3F86}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{7F24F40A-F6FC-467E-998C-8B82EB27FC8D}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{809DD26C-53F6-4C39-BCEB-F771B8D26452}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{82940E07-ADE5-4931-8320-9AFF1A0A83F2}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{84C593B2-396F-4C5F-8473-44AD37ABC951}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{85577D12-01FE-4D30-B1AA-563774B263EC}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{89327EDC-331D-4DAF-8C99-B0B2A2C75833}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{8B70C615-2B27-4E21-B3C8-71CB534E027D}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{8F7213D5-905C-40A7-92D2-88A9D6E1F396}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{917DD897-DF1A-4740-A8AE-A0A4348D0048}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{9232543C-3A03-4255-935F-64FCD9D14F35}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{92FC5438-73A8-4E79-80F9-92662B49FC5E}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{93B6EFF1-85E0-452B-B8C0-8E6198951E2D}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{96679A3E-D941-4C93-A1BC-CEC0B5DA1AD8}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{974264F5-7F55-416D-B33C-5C60A2D9723D}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{98E88000-0F65-4231-871C-78D2351AEF2F}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{A4A13100-994F-4F34-96EF-0DC3EC385760}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{A795AC6E-A5ED-4291-8AEF-831D7E9686C2}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{AF6AFCA1-FA29-4E9F-B8EB-11635DC70A23}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{B090E0EE-01A5-4542-A3B4-09B3240AAAE2}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{B4061AAF-A347-4C88-B831-E22772A3A396}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{B5F65402-BB70-4A51-9A64-54B865A2663B}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{B6B2D0FD-1A82-4625-888D-5EBDA15C64E9}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{B9C6AD05-7AC7-487F-BF4E-89CA73280D8B}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{BEE97D13-E4FB-42FA-AF82-4AF4C3A12D3F}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{C1125CA3-2BE7-4B10-8916-D68C7F70590B}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{C5243D01-E470-4450-90BA-43C97A7945C7}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{C91C4235-C677-488E-AC70-5D2BF43625C2}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{D39BFDF9-070B-4AEE-896F-F858B5341077}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{DD876F94-F031-4363-A63A-054CE35F1C77}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{DE3E66E3-BBF0-4317-861F-4670C04579EF}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{E475FF04-160E-4878-B7C5-7AAFF3E02A01}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{E7E9E90B-347B-4EA5-AE7A-D8523776B691}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{EB3EC804-87E3-4E9E-B477-92137F10FF82}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{ED66700F-7D9E-483C-9511-0A2429624C76}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{EF404596-0895-47A7-8D38-1850BBCAF621}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{F38A59C8-A313-4D05-AF2E-DAD2150C2DF4}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{F47E5794-5F62-498A-BD6E-3BC3DE0D164B}
Successfully deleted: [Empty Folder] C:\Users\Jana\appdata\local\{F5AF0701-2AE1-4F76-9B8B-E325F0C5AEBD}



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Jana\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 27.10.2013 at 10:37:08,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~