Kontrola logu

Puzzler · Příspěvekod **Puzzler** » 28 říj 2013 17:05

Zdravím. Po zpomalení pc Windows7 Home Premium, 64bitový OS (prohlížeč, prodleva cca 5 min. při zapínání - vypínání, otvárání souborů atd.) + přehrávání videa (dlouho se načítá, po rozjetí se seká), pc hry se vůbec nenačtou. Spybot nalezl - Ask.MyGlobalSearch, E2Give, Win32.Downloader.gen, DoubleClick (po odstranění problémů po restartu potíže přetrvávají). Pokus o bod obnovy před problémy OK, scan Cclean, Spybot - našel pouze DoubleClick. Prohlížeč funguje, ale otvírání souborů (jpg, avi, pdf), pc hrabe, videa, hry - všechno špatně jako předtím. Prosím o kontrolu logu a radu k dalšímu postupu, moc díky :

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:02:53, on 28.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Asus\Eee Docking\Eee Docking.exe
C:\Program Files (x86)\Asus\USBChargeSetting\iSeriesCharge.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\Martin\AppData\Local\Mozilla Firefox\firefox.exe
C:\Users\Martin\AppData\Local\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Users\Martin\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FreemakeTB - {adca5064-9e30-43fe-9856-58b07a3149fe} - C:\Program Files (x86)\FreeMake\prxtbFre2.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: DownloadHelper Class - {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} - C:\Program Files (x86)\Common Files\Download Helper\DownloadHelper.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: FreemakeTB Toolbar - {adca5064-9e30-43fe-9856-58b07a3149fe} - C:\Program Files (x86)\FreeMake\prxtbFre2.dll
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\windows\AsScrPro.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files (x86)\ASUS\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files (x86)\ASUS\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files (x86)\ASUS\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [CapsHook] AsusSender.exe C:\Program Files (x86)\ASUS\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [Eee Docking] C:\Program Files (x86)\ASUS\Eee Docking\Eee Docking.exe autorun
O4 - HKLM\..\Run: [iSeriesCharge] C:\Program Files (x86)\ASUS\USBChargeSetting\iSeriesCharge.exe
O4 - HKLM\..\Run: [OOBESetup] C:\Program Files (x86)\asus\OOBERegBackup\OOBERegBackup.exe /restore -"C:\Program Files (x86)\asus\OOBERegBackup\OOBEReg.ini"
O4 - HKLM\..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [Delete] AsusSender.exe C:\Windows\Delete.exe
O4 - HKLM\..\RunOnce: [aswAhAScr.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\AhAScr.dll"
O4 - HKLM\..\RunOnce: [aswasOutExt.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\asOutExt.dll"
O4 - HKLM\..\RunOnce: [aswasOutExt64.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe" "C:\Program Files\AVAST Software\Avast\asOutExt64.dll"
O4 - HKLM\..\RunOnce: [ICQ6setup] cmd.exe /c rmdir /S /Q "C:\Program Files (x86)\ICQ7M"
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\windows\SysWOW64\AsusService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12823 bytes

Reklama

Příspěvekod **Žbeky** » 28 říj 2013 18:10

Fixni:

Kód: Vybrat vše

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: FreemakeTB - {adca5064-9e30-43fe-9856-58b07a3149fe} - C:\Program Files (x86)\FreeMake\prxtbFre2.dll
O2 - BHO: DownloadHelper Class - {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} - C:\Program Files (x86)\Common Files\Download Helper\DownloadHelper.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: FreemakeTB Toolbar - {adca5064-9e30-43fe-9856-58b07a3149fe} - C:\Program Files (x86)\FreeMake\prxtbFre2.dll
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\windows\AsScrPro.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [OOBESetup] C:\Program Files (x86)\asus\OOBERegBackup\OOBERegBackup.exe /restore -"C:\Program Files (x86)\asus\OOBERegBackup\OOBEReg.ini"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Delete] AsusSender.exe C:\Windows\Delete.exe
O4 - HKLM\..\RunOnce: [aswAhAScr.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\AhAScr.dll"
O4 - HKLM\..\RunOnce: [aswasOutExt.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\asOutExt.dll"
O4 - HKLM\..\RunOnce: [aswasOutExt64.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe" "C:\Program Files\AVAST Software\Avast\asOutExt64.dll"
O4 - HKLM\..\RunOnce: [ICQ6setup] cmd.exe /c rmdir /S /Q "C:\Program Files (x86)\ICQ7M"

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Puzzler · Příspěvekod **Puzzler** » 02 lis 2013 22:07

Vše smazáno
ATF Cleaner proběhlo
TFC proběhlo
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.04.04.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Martin :: ASUS-PC [limited]

2.11.2013 20:58:07
mbam-log-2013-11-02 (20-58-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 168429
Time elapsed: 49 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Puzzler · Příspěvekod **Puzzler** » 02 lis 2013 22:58

# AdwCleaner v3.010 - Report created 02/11/2013 at 22:15:48
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : asus - ASUS-PC
# Running from : C:\Users\Martin\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\windows\System32\Tasks\Scheduled Update for Ask Toolbar
Folder Found : C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\onhbjlmt.default-1369569016397\Extensions\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}
Folder Found : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ah49gy5d.default\Extensions\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\FreeMake
Folder Found C:\Program Files (x86)\ICQ6Toolbar
Folder Found C:\ProgramData\ICQ\ICQToolbar
Folder Found C:\Users\asus\AppData\LocalLow\Conduit
Folder Found C:\Users\asus\AppData\LocalLow\FreeMake
Folder Found C:\Users\asus\AppData\LocalLow\PriceGong
Folder Found C:\Users\Martin\AppData\LocalLow\AskToolbar
Folder Found C:\Users\Martin\AppData\LocalLow\Conduit
Folder Found C:\Users\Martin\AppData\LocalLow\FreeMake
Folder Found C:\Users\Martin\AppData\LocalLow\PriceGong
Folder Found C:\windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Freemake
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Freemake
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ADCA5064-9E30-43FE-9856-58B07A3149FE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{04CEFF5B-A46D-4417-8018-43A059BDF9A6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ADCA5064-9E30-43FE-9856-58B07A3149FE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\Freemake
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{04CEFF5B-A46D-4417-8018-43A059BDF9A6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADCA5064-9E30-43FE-9856-58B07A3149FE}
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3214568
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Freemake
Key Found : HKLM\Software\ICQ\ICQToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80A6407C-B707-48EB-8E08-146E8D829E38}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CBA83F1E-5BA7-4042-A255-7E49C5FAE027}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ADCA5064-9E30-43FE-9856-58B07A3149FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{04CEFF5B-A46D-4417-8018-43A059BDF9A6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FreeMake Toolbar
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{ADCA5064-9E30-43FE-9856-58B07A3149FE}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{ADCA5064-9E30-43FE-9856-58B07A3149FE}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{ADCA5064-9E30-43FE-9856-58B07A3149FE}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{ADCA5064-9E30-43FE-9856-58B07A3149FE}]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v

[ File : C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\onhbjlmt.default-1369569016397\prefs.js ]

[ File : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ah49gy5d.default\prefs.js ]

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [6427 octets] - [02/11/2013 22:15:50]

########## EOF - \AdwCleaner\AdwCleaner[R0].txt - [6487 octets] ##########

Příspěvekod **jaro3** » 03 lis 2013 10:38

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Puzzler · Příspěvekod **Puzzler** » 03 lis 2013 12:37

# AdwCleaner v3.010 - Report created 03/11/2013 at 11:26:02
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : asus - ASUS-PC
# Running from : C:\Users\Martin\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
Folder Deleted : C:\Program Files (x86)\FreeMake
Folder Deleted : C:\windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\asus\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\asus\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\asus\AppData\LocalLow\FreeMake
Folder Deleted : C:\Users\Martin\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Martin\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Martin\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Martin\AppData\LocalLow\FreeMake
Folder Deleted : C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\onhbjlmt.default-1369569016397\Extensions\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}
Folder Deleted : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ah49gy5d.default\Extensions\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}
File Deleted : C:\windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3214568
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADCA5064-9E30-43FE-9856-58B07A3149FE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{04CEFF5B-A46D-4417-8018-43A059BDF9A6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ADCA5064-9E30-43FE-9856-58B07A3149FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ADCA5064-9E30-43FE-9856-58B07A3149FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{04CEFF5B-A46D-4417-8018-43A059BDF9A6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ADCA5064-9E30-43FE-9856-58B07A3149FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{04CEFF5B-A46D-4417-8018-43A059BDF9A6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80A6407C-B707-48EB-8E08-146E8D829E38}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CBA83F1E-5BA7-4042-A255-7E49C5FAE027}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{ADCA5064-9E30-43FE-9856-58B07A3149FE}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{ADCA5064-9E30-43FE-9856-58B07A3149FE}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{ADCA5064-9E30-43FE-9856-58B07A3149FE}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{ADCA5064-9E30-43FE-9856-58B07A3149FE}]
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Freemake
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKCU\Software\AppDataLow\Software\Freemake
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\Freemake
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FreeMake Toolbar
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v

[ File : C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\onhbjlmt.default-1369569016397\prefs.js ]

[ File : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ah49gy5d.default\prefs.js ]

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [6577 octets] - [02/11/2013 22:15:50]
AdwCleaner[R1].txt - [6637 octets] - [03/11/2013 10:51:47]
AdwCleaner[S0].txt - [6453 octets] - [03/11/2013 11:26:02]

########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [6513 octets] ##########

Příspěvekod **memphisto** » 03 lis 2013 13:58

Ještě ten Rogue dodej

Puzzler · Příspěvekod **Puzzler** » 03 lis 2013 14:48

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Home Premium x64
Ran by asus on ne 03.11.2013 at 13:20:16,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4EB20372-9F22-4982-B819-F8AFA2FED4CB}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"

~~~ Files

~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{01342C1E-5098-4737-ADEA-274559CE6784}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{025019B8-4CA7-41A0-A4C9-25AD88B37BA1}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{035D2C2C-5035-499B-B1FB-9E5DD7E04CAB}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{08EB705A-2627-4BD2-A69B-5247EFDBEDF2}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{0F7519A7-B5C9-4C31-9B8B-9303D1B3A511}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{108D93A7-AF1B-4A2F-BFAD-99297C649D11}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{1206FD1D-FFE8-4919-9AF7-B33566F91C7D}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{1536384A-A201-4E33-AEE7-DDC2B104F42A}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{177D1018-DC27-4B0C-B783-B091A5F1E580}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{1B84180E-0DC3-40DB-A209-3191DB17006F}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{1BD04B55-C669-442F-A1FE-72CE26601074}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{1DEA15DE-1329-4972-B119-D852EFADE2D1}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{1EEE78D3-1017-44F1-94E6-7C760893BB3A}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{2555702E-8B5F-4428-83C0-1E64E9E3DF3F}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{298BFB6E-473E-4E30-8C72-ECC552105480}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{2E825299-A75B-462B-B0E0-E15636C5B3BD}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{2EB2E74C-DE5A-4143-BB79-24599647DBCF}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{2F49CD77-053C-42BB-8A58-D5A05E9FAC5B}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{308B1059-2A43-4113-9985-4B1B612EC488}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{31552057-7DAD-437A-AB50-97224E693EDD}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{32FF9D93-5C06-4052-B704-1A4C37166E2A}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{33C9C707-E785-47DE-9695-16D3337338BF}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{35F5940A-4825-446E-890F-82492D367C35}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{371AFD71-901F-4A5A-9EC7-FD4904B1527A}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{3CBFBB55-E837-43EB-A562-885D37D7877C}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{3DB7EC27-9950-4D5E-B776-8EA8A406A121}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{3E3EB5FD-0973-4B1F-BF46-93A9F7860018}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{3E73A7BD-9D7D-4759-826F-0C43B7902487}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{3F0136F2-1D20-4492-B67F-BD29C82AD1A2}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{40D2A784-1068-437A-A4AF-266706703CD4}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{439C9A5C-08ED-42A5-A5EA-9BC8A0FA2B91}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{43BF577F-DD1B-4992-9888-5E09D7121B5D}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{44BED64C-C68D-4C35-B596-CAC8CEBB446A}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{46242CD0-2BEA-4DF3-AAE7-A2C82372E6FB}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{4721E85F-C614-4436-8A1D-854F6AF616D2}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{474D6B6A-73C3-4D17-AEF4-BA34B7D2F160}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{4862A80A-5600-4D8F-A162-9EF610FFB3B6}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{4B7608A4-2F89-4F1D-A99A-FF754E5DF138}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{4C41067D-C7DA-4460-A519-DCC3EC5B0ABE}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{4C576A5D-9F01-440C-B42D-304A0F7D5E12}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{4CABC2F0-3D12-489E-AD5A-5157FBC6A9F1}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{502E8E70-8ED2-4C36-91B7-5B6F38790E3D}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{5084841E-D150-4E5E-ADF7-AACF1DEC15E1}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{50AF7A3C-A477-438D-A5FE-0A0BF46988F2}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{608FA12C-397C-4761-BAC6-B8EBF7D3C24C}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{656FB0E6-196B-4B96-9CD4-2CE284FC42EA}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{669AC27E-73E8-447C-85DD-DABA75C8E5F6}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{66D60FF9-3490-466F-8093-D6D5E029BF1A}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{6762BC8E-7292-4E1A-96FA-CE86CD7BC03B}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{6CB2AAB5-62C8-4CE3-8916-3FC3079C0438}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{6CD7D95E-223C-4134-8B16-45DEE2F7FF51}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{6EA9FF77-9EA1-4DF9-80E6-91D29B6F23DC}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{6F8D4FF7-B43C-4C87-A79A-A33BCF28C345}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{75413003-45AA-4599-B843-6476616485BB}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{77031975-B38C-49DA-8F42-A70C54A0EF34}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{782BAB4B-B83A-4A48-A085-BF8C66DF461E}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{7B420DD8-4C0B-4874-9121-BD40D964EA1B}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{7D34D373-CE65-41C0-B6D8-2E8FC68E4F57}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{81D36957-E3E5-4867-B380-BA5AE8CE0B09}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{81D4BE3D-28A2-4043-95B3-83681BFF4AFA}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{8719AE05-C4CB-43CF-BDAB-46C1F66CCD4F}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{8893D266-B3DD-431C-BC9E-6C8F2C95EF60}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{88BA0DD4-09A5-46E5-B88C-E1CED7C33D72}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{8AE0B686-8B0C-4202-8B65-CB3AD0A7FBF4}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{8B19CF90-09C0-4F59-85CB-CBE913C7D57E}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{8EB81EF9-D2E4-4B01-AB09-4B8E66CCB790}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{8FA11F2B-A019-4827-A944-6819920E2C93}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{8FCB8E03-95EE-4ECC-A61C-76A723399E32}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{9089BB22-9A87-45DE-8F57-4523E264299E}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{91659603-D4EB-4FBE-A090-0FD2F48CF90B}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{91D9AB1D-F3B3-4667-87AC-0E434531955E}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{9351F24E-A5AC-4A3C-A3EA-899437F20FC4}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{9C1DFF5D-3CC4-41C5-AD15-741B25EAA91F}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{9DD266A3-62D1-44F9-9135-9E6D8D631AED}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{A0ED1BF1-14CF-42CD-8799-89C39376782D}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{A537B336-2ADD-455C-A601-676A6FA84BBE}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{A5633959-F333-4EC8-926E-DC3E39BEA712}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{A65D2CC4-FCE6-4F55-9012-E617FE240B9D}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{A6787487-9745-4CD3-8BA8-5656665D6E03}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{A8878484-EC96-4758-AD89-E299A03638BE}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{ADDC7F31-A5F0-4736-9CA9-B6366EA24FD9}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{AF27BD58-2710-4F49-80E2-C05820C3429F}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{B1877203-DC14-4865-8551-AAF3F1E6177F}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{B8D09E99-E987-429C-8654-A3FEE87844D1}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{B9E06391-7BA7-4601-8B89-7F118B91801B}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{BF10E1AB-200D-4686-B124-01245F4F8B19}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{C11AD7B3-1DB5-4B34-B6F4-A179E766D1C6}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{C34F13F2-7C8B-4EE3-ACAE-04BA56DD1156}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{C36DB6AC-1AA1-4AC5-9006-A04DDFD717CB}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{C3CA8977-65EB-4FE0-B22D-F16E199709C6}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{C3E12B43-3270-40A7-B142-EB1D68519246}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{C54EBF56-1908-411F-A4F7-56C02D2244C1}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{C6A76DFD-3CA9-4370-B35E-30AE719E2EA5}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{CDD838CF-B5D3-4CDF-8C81-2E5D3AAF9CB1}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{CE75C75B-FE07-4B98-9E5C-1F960C75C40A}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{D12D88A8-EDF5-43CB-A1AE-F7F3E560CD0A}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{D59ED61E-561E-4788-AD20-2F5733DCECBB}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{D78EC10F-F0F8-46B5-8391-E78DA62C4C96}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{D9F8B07D-8950-4479-B2E4-B306B4D5D4A9}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{DEA24F7A-02A9-4C34-A7F9-59C3C3AD711E}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{E3DB8674-5A11-4238-80AA-9323ED5F06BA}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{E6493F89-D6E4-4B72-8569-89B1A0847020}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{E7F4B62A-A63E-46DF-B06E-19B52244AE70}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{E94AD0D1-079A-4D1B-A996-30E3FFF6FFC9}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{E97F0DED-F74C-43B4-B112-482F9B8A3DCF}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{EAAB824B-990F-4F95-8439-B3B4FD40FBA4}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{EDD53CBF-D21C-401E-92DB-C3AC553C5E2B}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{EEEE3A04-26FE-4828-A1D4-0812B1339DF6}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{F452FAC8-4C3F-4BBF-9BA2-BDF885AE75C9}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{F4A8B690-1E78-495E-A62A-E8148AA17A21}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{F76B0328-1AD4-4E60-9520-294098B3104D}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{F805449E-9079-4C00-B300-2E457FC95CA7}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{F9683D9B-E597-4360-A8BE-FD8989E257B6}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{F9E01DBB-79E3-49E0-A3F3-D9BDED87A9A6}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{FA1CC403-E621-4AA8-9640-F347C3947A7F}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{FAFD5218-A86C-4667-9E51-1C32436D1A49}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{FC23E6D7-9D24-4345-B4A1-EAD15E0662BE}
Successfully deleted: [Empty Folder] C:\Users\asus\appdata\local\{FC588DE6-82FE-4A45-8F42-E256CB5BAC78}

~~~ Chrome

Successfully deleted: [Folder] C:\Users\asus\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 03.11.2013 at 14:11:40,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Puzzler · Příspěvekod **Puzzler** » 03 lis 2013 17:50

RogueKiller V8.7.6 _x64_ [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : asus [Práva správce]
Mód : Kontrola -- Datum : 11/03/2013 17:49:59
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 11 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Boxoft Tools ("C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun [-]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1946843517-722322352-3031627691-1001\[...]\Run : Boxoft Tools ("C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun [-]) -> NALEZENO
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\RunOnce : Delete (AsusSender.exe C:\Windows\Delete.exe [x][-]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[asus][SUSP UNIC] Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk : C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk @C:\PROGRA~2\MIF5BA~1\Office14\ONENOTEM.EXE /tsr [-][7] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
[...]

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500325AS +++++
--- User ---
[MBR] 5b30288b69502bbc4146c136c766b14f
[BSP] 56d8289e8b12eb96ab688e6714ed55d6 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 102400 Mo
1 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 209717248 | Size: 15360 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 241174528 | Size: 359162 Mo
3 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 976738304 | Size: 16 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_11032013_174959.txt >>

Příspěvekod **jaro3** » 04 lis 2013 09:55

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.

Puzzler · Příspěvekod **Puzzler** » 13 lis 2013 09:47

Zdravím po časové prodlevě. Mám jen dotaz, abych třeba nesmazal něco, co nemám.
Vše jsem vypnul, zavřel, odpojil atd. podle návodu, spustil RogueKiller jako správce, proběhl Prescan (našlo to jeden odkaz) - ten jsem měl Smazat,
nebo ještě nechat projít Prohledat (což mi našlo zatím cca 14 odkazů) a tyto teprve nechat Smazat ? Díky.

Příspěvekod **jaro3** » 13 lis 2013 11:11

Dej prohledat a klikni na Zpráva a zkopíruj ho sem celý.

Kontrola logu

Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Kdo je online