Please check my log (Solved)


Post by Nutrix » 10 Sep 2014 11:42

Hello,
today I turned on my PC and since then my default browser (Chrome) has been showing a Russian page; it is full of rubbish, ads, etc.
So please check the log. Thanks

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:38:33, on 10. 9. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17278)

FIREFOX: 29.0.1 (cs)
Boot mode: Normal

Running processes:
C:\Users\Pavel Fucik\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Users\Pavel Fucik\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Pavel Fucik\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Pavel Fucik\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Lync] "C:\Program Files\Microsoft Office 15\root\office15\lync.exe" /fromrunkey
O4 - HKCU\..\Run: [Bloody2] "C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
O4 - HKCU\..\Run: [MMServerListAutoUpdater] C:\Program Files (x86)\Sierra\SWAT 4\Content\System\MMServerListAutoUpdater.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Pavel Fucik\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Pavel Fucik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [CMD] cmd.exe /c start http://extendedunlimited.org && exit
O4 - Startup: Dropbox.lnk = Pavel Fucik\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{40659A4F-4221-443F-BC58-676F176A0B7A}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{40659A4F-4221-443F-BC58-676F176A0B7A}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11705 bytes


Post by memphisto » 10 Sep 2014 11:51

Download ATF Cleaner
Double-click ATF Cleaner.exe, click "select all found", then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan option selected and click the Scan button
- when the program has finished, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.

Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Post by Nutrix » 10 Sep 2014 12:20

# AdwCleaner v3.309 - Report created 10/09/2014 at 12:13:33
# Updated 02/09/2014 by Xplode
# Operating System : Windows 8.1 Pro (64 bits)
# Username : Pavel Fučik - PAVEL
# Running from : C:\Users\Pavel Fucik\Downloads\adwcleaner_3.309.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Pavel Fucik\AppData\Roaming\Mozilla\Firefox\Profiles\nrgmks05.default-1400339372560\invalidprefs.js

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17278


-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\Pavel Fucik\AppData\Roaming\Mozilla\Firefox\Profiles\nrgmks05.default-1400339372560\prefs.js ]




-\\ Google Chrome v37.0.2062.120

[ File : C:\Users\Pavel Fucik\AppData\Local\Google\Chrome\User Data\Default\preferences ]




*************************

AdwCleaner[R3].txt - [9916 octets] - [10/09/2014 12:13:33]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [9976 octets] ##########


Post by Nutrix » 10 Sep 2014 12:27

Malware found nothing

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 10. 9. 2014
Čas skenování: 12:12:32
Protokol: mbam.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.09.10.04
Databáze rootkitů: v2014.08.21.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Self-protection: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Pavel FuÄ?ik

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 366161
Uplynulý čas: 12 min, 41 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 0
(No malicious items detected)

Fyzické sektory: 0
(No malicious items detected)


(end)


Post by memphisto » 10 Sep 2014 13:12

In adw, let it delete everything and post the log after the deletion

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
Kontrola MBR (MBR check)
Kontrola Faked (Faked check)
Antirootkit

- Then click "Prohledat" (Scan).
- The program scans the PC's processes. After the scan, click "Zpráva" (Report) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.

Download Junkware Removal Tool

to your desktop.
Deactivate your antivirus program.
Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan will start. The scan can take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears, which is saved on the desktop.
Please copy its entire contents here.

Post by Nutrix » 10 Sep 2014 16:49

# AdwCleaner v3.309 - Report created 10/09/2014 at 16:43:27
# Updated 02/09/2014 by Xplode
# Operating System : Windows 8.1 Pro (64 bits)
# Username : Pavel Fučik - PAVEL
# Running from : C:\Users\Pavel Fucik\Downloads\adwcleaner_3.309.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\Pavel Fucik\AppData\Roaming\Mozilla\Firefox\Profiles\nrgmks05.default-1400339372560\invalidprefs.js

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17278


-\\ Mozilla Firefox v32.0 (x86 cs)

[ File : C:\Users\Pavel Fucik\AppData\Roaming\Mozilla\Firefox\Profiles\nrgmks05.default-1400339372560\prefs.js ]




-\\ Google Chrome v37.0.2062.120

[ File : C:\Users\Pavel Fucik\AppData\Local\Google\Chrome\User Data\Default\preferences ]




*************************

AdwCleaner[R3].txt - [10056 octets] - [10/09/2014 12:16:06]
AdwCleaner[R4].txt - [10120 octets] - [10/09/2014 16:43:09]
AdwCleaner[S2].txt - [6722 octets] - [10/09/2014 16:43:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [6782 octets] ##########

Re: Please check my log

Post by Nutrix » 10 Sep 2014 16:57

RogueKiller V9.2.10.0 (x64) [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Pavel Fučik [Práva správce]
Mód : Kontrola -- Datum : 09/10/2014 16:56:21

¤¤¤ Škodlivé procesy: : 4 ¤¤¤
[Suspicious.Path] szninstall.exe -- C:\Users\Pavel Fucik\AppData\Roaming\Seznam.cz\szninstall.exe[7] -> SMAZÁNO [TermProc]
[Suspicious.Path] szndesktop.exe -- C:\Users\Pavel Fucik\AppData\Roaming\Seznam.cz\bin\szndesktop.exe[7] -> SMAZÁNO [TermProc]
[Suspicious.Path] listicka-x64.exe -- C:\Users\Pavel Fucik\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe[7] -> SMAZÁNO [TermThr]
[Suspicious.Path] explorer.exe -- C:\Users\Pavel Fucik\AppData\Roaming\Seznam.cz\bin\14034libfoxloader-x64.dll[-] -> ODEBRÁNO

¤¤¤ ¤¤¤ Záznamy Registrů: : 10 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-1757082252-1188810969-1256951622-1001\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.autoupdate : "C:\Users\Pavel Fucik\AppData\Roaming\Seznam.cz\szninstall.exe" -c -> NALEZENO
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-1757082252-1188810969-1256951622-1001\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.szndesktop : "C:\Users\Pavel Fucik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -> NALEZENO
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-1757082252-1188810969-1256951622-1001\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.autoupdate : "C:\Users\Pavel Fucik\AppData\Roaming\Seznam.cz\szninstall.exe" -c -> NALEZENO
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-1757082252-1188810969-1256951622-1001\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.szndesktop : "C:\Users\Pavel Fucik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -> NALEZENO
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\xhunter1 (\??\C:\WINDOWS\xhunter1.sys) -> NALEZENO
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\xhunter1 (\??\C:\WINDOWS\xhunter1.sys) -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 3 ¤¤¤
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1 is360.iobit.com
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1 bandicam.com
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1 ssl.bandisoft.com

¤¤¤ Antirootkit : 1 (Driver: NAHRÁNO) ¤¤¤
[Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\cdrom @ \Device\CdRom0 (\SystemRoot\System32\Drivers\Wof.sys)

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] nrgmks05.default-1400339372560 : user_pref("browser.startup.homepage", "www.seznam.cz"); -> NALEZENO

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDS721050CLA362 ATA Device +++++
--- User ---
[MBR] 2dcb8975b0882dbf88cd158402b72ccc
[BSP] a19d4ef0b94de318154667423826ea97 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 476586 MB
User = LL1 ... OK
User = LL2 ... OK

Re: Please check my log

Post by Nutrix » 10 Sep 2014 17:04

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Pro x64
Ran by Pavel Fučik on st 10. 09. 2014 at 16:58:24,99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C0E9DACB-F819-4CE4-8A9B-7A1F0C940460}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Pavel Fucik\AppData\Roaming\mozilla\firefox\profiles\nrgmks05.default-1400339372560\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 10. 09. 2014 at 17:02:05,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jaro3
Security team member
Guru Level 15
Posts: 43298
Joined: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Please check my log

Post by jaro3 » 10 Sep 2014 18:52

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP, double-click it to run).
- Wait until the Prescan finishes...
- Then click "Prohledat" (Scan); once it has finished:


- In the tabs (Registry, Tasks, Web Browser, etc.) tick everything (check all the boxes)

- Click "Smazat" (Delete)
- Wait until the Status box shows "Mazání dokončeno" (deletion finished)
- Click "Zpráva" (Report) and copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Download
Zoek.exe

and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, 7 and 8, right-click it and choose "Run as administrator")
- note that the program may take a while to start.

Paste the script below into the program window:

Code:

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


Click Run Script.
The program will run a scan and a repair; both the scan and the repair can take several minutes, so wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.

After the restart, only a black desktop may be shown for a while; that is normal. You need to wait until the log has been created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: Please check my log

Post by Nutrix » 10 Sep 2014 21:45

RogueKiller V9.2.10.0 (x64) [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Pavel Fučik [Práva správce]
Mód : Odebrat -- Datum : 09/10/2014 21:44:51

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 14 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-1757082252-1188810969-1256951622-1001\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.autoupdate : "C:\Users\Pavel Fucik\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x] -> VYMAZÁNO
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-1757082252-1188810969-1256951622-1001\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.szndesktop : "C:\Users\Pavel Fucik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x] -> VYMAZÁNO
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-1757082252-1188810969-1256951622-1001\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.autoupdate : "C:\Users\Pavel Fucik\AppData\Roaming\Seznam.cz\szninstall.exe" -c -> ERROR [2]
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-1757082252-1188810969-1256951622-1001\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.szndesktop : "C:\Users\Pavel Fucik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -> ERROR [2]
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\xhunter1 () -> VYMAZÁNO
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\xhunter1 () -> VYMAZÁNO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-1757082252-1188810969-1256951622-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> VYMAZÁNO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-1757082252-1188810969-1256951622-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> VYMAZÁNO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-1757082252-1188810969-1256951622-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> ERROR [2]
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-1757082252-1188810969-1256951622-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> ERROR [2]
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 3 ¤¤¤
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1 is360.iobit.com -> VYMAZÁNO
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1 bandicam.com -> VYMAZÁNO
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1 ssl.bandisoft.com -> VYMAZÁNO

¤¤¤ Antirootkit : 1 (Driver: NAHRÁNO) ¤¤¤
[Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\cdrom @ \Device\CdRom0 (\SystemRoot\System32\Drivers\Wof.sys)

¤¤¤ Webové prohlížeče : 15 ¤¤¤
[IE:Addon] System : Bing Bar [{eec0f710-38b5-4aba-99bf-ec87564a4e13}] -> VYMAZÁNO
[FIREFX:Addon] nrgmks05.default-1400339372560 : Seznam lištička [{ea614400-e918-4741-9a97-7a972ff7c30b}] -> VYMAZÁNO
[FIREFX:Addon] nrgmks05.default-1400339372560 : Adblock Plus [{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] -> VYMAZÁNO
[FIREFX:Addon] nrgmks05.default-1400339372560 : Mozilla Firefox hotfix [firefox-hotfix@mozilla.org] -> VYMAZÁNO
[FIREFX:Addon] nrgmks05.default-1400339372560 : Skype Click to Call [{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}] -> VYMAZÁNO
[PUM.HomePage][FIREFX:Config] nrgmks05.default-1400339372560 : user_pref("browser.startup.homepage", "www.seznam.cz"); -> NAHRAZENO (about:home)
[CHROME:Addon] Default : Google Slides [aapocclcgogkmnckokdopfmhonfmgoek] -> VYMAZÁNO
[CHROME:Addon] Default : Google Docs [aohghmighlieiainnegkcijnfilokake] -> ERROR [2]
[CHROME:Addon] Default : Google Drive [apdfllckaahabafndbhieahigkjlhalf] -> ERROR [2]
[CHROME:Addon] Default : YouTube [blpcfgokakmgnkcojhhkbfbldkacnbeo] -> ERROR [2]
[CHROME:Addon] Default : Google Search [coobgpohoikkiipiblmjeljniedjpjpf] -> ERROR [2]
[CHROME:Addon] Default : Google Sheets [felcaaldnbdncclmgdcncolpebgiejap] -> ERROR [2]
[CHROME:Addon] Default : AdBlock [gighmmpiobklfepjocnamgkkbiglidom] -> ERROR [2]
[CHROME:Addon] Default : Google Wallet [nmmhkkegccagdldgiimedpiccmgmieda] -> ERROR [2]
[CHROME:Addon] Default : Gmail [pjkljhegncpnkpknbcohdijeoejaedia] -> ERROR [2]

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDS721050CLA362 ATA Device +++++
--- User ---
[MBR] 2dcb8975b0882dbf88cd158402b72ccc
[BSP] a19d4ef0b94de318154667423826ea97 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 476586 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_09102014_165621.log - RKreport_SCN_09102014_214115.log

Re: Please check my log

Post by Nutrix » 10 Sep 2014 22:14

Zoek.exe v5.0.0.0 Updated 10-September-2014
Tool run by Pavel Fučik on st 10. 09. 2014 at 22:01:13,56.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Pavel Fucik\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-09-10-195836.log 14346 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\PAVELF~1\AppData\Roaming\Mozilla\Firefox\Profiles\7juqj2a5.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\PAVELF~1\AppData\Roaming\Mozilla\Firefox\Profiles\7juqj2a5.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\PAVELF~1\AppData\Roaming\Mozilla\Firefox\Profiles\nrgmks05.default-1400339372560\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\PAVELF~1\AppData\Roaming\Mozilla\Firefox\Profiles\nrgmks05.default-1400339372560\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\PAVELF~1\AppData\Roaming\Mozilla\Firefox\Profiles\pbmw5vl2.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\PAVELF~1\AppData\Roaming\Mozilla\Firefox\Profiles\pbmw5vl2.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Pavel Fucik\AppData\Roaming\Mozilla\Firefox\Profiles\7juqj2a5.default
D6ED6EB98E759460AD8C66DE23070132 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - Microsoft Office 2013
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013

Profilepath: C:\Users\Pavel Fucik\AppData\Roaming\Mozilla\Firefox\Profiles\nrgmks05.default-1400339372560
DFC9460CC37E5C414DC4680B10C19E7A - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
D6ED6EB98E759460AD8C66DE23070132 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - Microsoft Office 2013
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14. 07. 2014 18:22]

Yappyz - Pavel Fucik\AppData\Local\Yappyz\User Data\Default\Extensions\kjhpfcjlhjpbdpfcffaiopddnpojdpok
Yappyz - Pavel Fucik\AppData\Local\Yappyz\User Data\Default\Extensions\onjgfkedmajckgeodakihmpbgjeokfap

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{215AC033-303B-47B8-B0D7-B00D3557C7C5} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454"
{4AE0EC22-8D8D-421A-BB53-C0F77C7801D6} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454"
{69E2BE29-D751-444C-844F-B61898551C2E} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454"
{7D5AC4D3-8DAB-4199-B6F9-B87266C1D21E} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_12454"
{9CAE7298-8FC4-4C1F-86B7-DDD549A89E25} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454"
{9E52D373-DB65-407E-BF25-7436BA1C6AB9} Zboží.cz Url="http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454"
{B57C84CF-86DC-4CEC-BFB4-33AD76AB711A} Slovník EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454"
{C45D0597-3C8E-434A-ABBE-1BA15857D56A} Slovník CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454"

==== Reset Google Chrome ======================

Nothing found to reset

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Pavel Fucik\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Pavel Fucik\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Pavel Fucik\AppData\Local\Mozilla\Firefox\Profiles\7juqj2a5.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Pavel Fucik\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Pavel Fucik\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Pavel Fucik\AppData\Local\Yappyz\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=221 folders=80 35408623 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Pavel Fucik\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\PAVELF~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted
"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on st 10. 09. 2014 at 22:13:14,29 ======================

Orcus
Security team member
Elite Level 10.5
Posts: 10645
Joined: April 10
Location: 3 roses grow around =o)
Gender: Male
Status: Offline

Re: Please check my log

Post by Orcus » 10 Sep 2014 22:34

Download TDSSKiller

to your desktop. Make sure you have closed all other applications and browsers. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt , please paste the entire contents of the log here.

If the log does not fit into one message, split it into several parts.
Love keeps you warm, but coal is coal. :fire:



Paste HJT logs into the HJT section. If the log is too long, split it into several messages.

A few tips on PC security.

During my absence, memphisto, jaro3 and Diallix stand in for me.

If you are satisfied, you can support our forum.

