PC-HELP.CZ

Hezký den,

mohli byste mi, prosím, provést kontrolu logu z HjT? Před nějakou dobou jsem začala mít problémy s Mozillou, kdy mi vždy po několika minutách začala okna prohlížeče "padat" a PC sekat. Z tohoto důvodu jsem přešla na Chrome, kde mám pro změnu problémy s videy, která se zasekávají, třebaže je video už naloadované.

Díky za pomoc.

Adéla

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:25:03, on 9.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Users\Aduš\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Webteh\BSplayer\bsplayer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
C:\Users\Aduš\Downloads\Desktop\Programy\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga?type=hppppppppppppp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omigaweb/?type=dspp&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omigaweb/?type=dspp&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga?type=hppppppppppppp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga?type=hppppppppppppp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga?type=hppppppppppppp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}
R3 - URLSearchHook: BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Aduš\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll
O2 - BHO: BS Player ControlBar B - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Aduš\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Aduš\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Spotify] "C:\Users\Aduš\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Aduš\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe -update plugin
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IHProtect Service - TODO: <Company name> - C:\Program Files (x86)\STab\ProtectService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Toolbar Service (TBSrv) - ClientConnect Ltd. - C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10251 bytes

Stáhni a spusť AdwCleaner. Všechno co najde dej smazat.

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

# AdwCleaner v3.302 - Report created 10/01/2015 at 03:03:21
# Updated 30/07/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Aduš - ADUŠ-PC
# Running from : C:\Users\Aduš\Downloads\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : TBSrv
Service Found : {45f53f5d-5052-4d06-bda8-a4383a454e96}Gw64

***** [ Files / Folders ] *****

File Found : C:\Users\Aduš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.buenosearch.com_0.localstorage-journal
File Found : C:\Users\Aduš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\Users\Aduš\AppData\Roaming\Mozilla\Firefox\Profiles\75ca2718.default\user.js
File Found : C:\Windows\System32\drivers\{45f53f5d-5052-4d06-bda8-a4383a454e96}Gw64.sys
Folder Found : C:\Program Files (x86)\Tbccint
Folder Found : C:\ProgramData\Tbccint
Folder Found : C:\ProgramData\WindowsMangerProtect
Folder Found : C:\Users\Aduš\AppData\Local\cool_mirage
Folder Found : C:\Users\Aduš\AppData\Local\Tbccint
Folder Found : C:\Users\Aduš\AppData\LocalLow\Tbccint

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****

Shortcut Found : C:\Users\Public\Desktop\Google Chrome.lnk ( hxxp://isearch.omiga-plus.com/?type=sc& ... 93CH9L93CX )
Shortcut Found : C:\Users\Aduš\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://isearch.omiga-plus.com/?type=sc& ... 93CH9L93CX )
Shortcut Found : C:\Users\Aduš\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://isearch.omiga-plus.com/?type=sc& ... 93CH9L93CX )
Shortcut Found : C:\Users\Aduš\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( hxxp://isearch.omiga-plus.com/?type=sc& ... 93CH9L93CX )

***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [(Default)] - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://isearch.omiga-plus.com/?type=sc& ... 93CH9L93CX
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [(Default)] - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://isearch.omiga-plus.com/?type=sc& ... 93CH9L93CX
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://isearch.omiga-plus.com/?type=sc& ... 93CH9L93CX
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\Tbccint
Key Found : HKCU\Software\AppDataLow\Software\TbccintSearchScopes
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\Tbccint
Key Found : HKCU\Software\Tbccint_HKLM
Key Found : [x64] HKCU\Software\1ClickDownload
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKCU\Software\Tbccint
Key Found : [x64] HKCU\Software\Tbccint_HKLM
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3329621
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3329621
Key Found : HKLM\Software\omiga-plusSoftware
Key Found : HKLM\Software\SupDp
Key Found : HKLM\Software\supWindowsMangerProtect
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://isearch.omigaweb/?type=dspp&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://isearch.omiga?type=hppppppppppppp
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://isearch.omiga?type=hppppppppppppp
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://isearch.omigaweb/?type=dspp&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://isearch.omiga?type=hppppppppppppp
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://isearch.omiga?type=hppppppppppppp
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch] - hxxp://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://isearch.omiga?type=hppppppppppppp
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://isearch.omiga?type=hppppppppppppp
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}

-\\ Mozilla Firefox v34.0.5 (x86 cs)

[ File : C:\Users\Aduš\AppData\Roaming\Mozilla\Firefox\Profiles\75ca2718.default\prefs.js ]

Line Found : user_pref("CT3329621.FF19Solved", "true");
Line Found : user_pref("CT3329621.UserID", "UN20877578321339632");
Line Found : user_pref("CT3329621.dum", "2");
Line Found : user_pref("CT3329621.fullUserID", "UN20877578321339632.IN.20141209225316");
Line Found : user_pref("CT3329621.installDate", "09/12/2014 22:53:20");
Line Found : user_pref("CT3329621.installSessionId", "9c426efe-aa47-4295-a643-8b0743ae128d");
Line Found : user_pref("CT3329621.installSp", "FALSE");
Line Found : user_pref("CT3329621.installerVersion", "1.11.0.11");
Line Found : user_pref("CT3329621.searchRevert", "@searchrevert@");
Line Found : user_pref("CT3329621.searchUninstallUserMode", "4");
Line Found : user_pref("CT3329621.searchUserMode", "4");
Line Found : user_pref("CT3329621.toolbarInstallDate", "09-12-2014 22:53:16");
Line Found : user_pref("CT3329621.versionFromInstaller", "10.35.0.3");
Line Found : user_pref("CT3329621.xpeMode", "1");
Line Found : user_pref("browser.startup.homepage", "hxxp://isearch.omiga?type=hppppppppppppp");
Line Found : user_pref("smartbar.machineId", "U3RPJMRAC0WP8TSLIN2CSIEMJCXE20LLYTLXH75URZS3BPHPMI1WNIAM9GJFBX5SDVEWZ3VWEC3LOQUTWFYLEW");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Aduš\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Search Provider] : hxxp://isearch.omigaweb/?type=dspp&q={searchTerms}

*************************

AdwCleaner[R0].txt - [35851 octets] - [04/08/2014 12:42:49]
AdwCleaner[R1].txt - [35918 octets] - [04/08/2014 20:41:06]
AdwCleaner[R2].txt - [8958 octets] - [10/01/2015 03:03:21]
AdwCleaner[S0].txt - [35446 octets] - [04/08/2014 20:42:45]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [9079 octets] ##########

Po použití AdwCleaneru měl následovat automatický restart PC a další výpis, tentokrát s provedenými akcemi. AdwCleaner jsi asi nestahovala z mého odkazu, protože aktuální verze je AdwCleaner v4.107
Soubor s výpisem po restartu PC bude na disku C:\AdwCleaner - název souboru AdwCleaner[Sxx].txt

A Malwarebytes' Anti-Malware?

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10.1.2015
Scan Time: 3:09:41
Logfile: malwarelog.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.10.02
Rootkit Database: v2015.01.07.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: AduA!

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 384514
Time Elapsed: 26 min, 57 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 3
PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1640, , [8a30c0355f2a6acc0a891ea57c85c13f]
PUP.Optional.ClientConnect, C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe, 2060, , [407ac72ef3964de9f6f6358b46bb837d]
PUP.Optional.IHProtect.A, C:\Program Files (x86)\STab\ProtectService.exe, 472, , [3189d71e0d7c8aac37712a3e2ad99868]

Modules: 0
(No malicious items detected)

Registry Keys: 16
PUP.Optional.WindowsProtectManger.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, , [8a30c0355f2a6acc0a891ea57c85c13f],
PUP.Optional.ClientConnect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TBSrv, , [407ac72ef3964de9f6f6358b46bb837d],
PUP.Optional.Conduit.A, HKU\S-1-5-21-2541502201-1689814716-1813449491-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{31264a33-a653-46c4-af49-1232c59a7da5}, , [e8d2cb2a8405dd592657c520c53d758b],
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{31264A33-A653-46C4-AF49-1232C59A7DA5}, , [e8d2cb2a8405dd592657c520c53d758b],
PUP.Optional.Conduit.A, HKU\S-1-5-21-2541502201-1689814716-1813449491-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{31264A33-A653-46C4-AF49-1232C59A7DA5}, , [e8d2cb2a8405dd592657c520c53d758b],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{45f53f5d-5052-4d06-bda8-a4383a454e96}Gw64, , [11a937be682145f160ea87fdab58748c],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [6b4f6c896c1d7abc001e7e51e51f748c],
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, , [e8d252a31e6b5fd7e3c6abbd6d96c838],
PUP.Optional.ISearch.A, HKLM\SOFTWARE\WOW6432NODE\omiga-plusSoftware, , [f3c744b16e1b56e0a7d463786c98649c],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, , [6d4dd3225d2c55e1a2d116cda55f946c],
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [f1c9e015e2a7330373abb41b33d1629e],
PUP.Optional.IHProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, , [3189d71e0d7c8aac37712a3e2ad99868],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, , [576363926623ea4c8deb0e6509fa46ba],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-2541502201-1689814716-1813449491-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, , [14a604f198f12511dd01e9db17edc23e],
PUP.Optional.BSPlayerControlBar.A, HKU\S-1-5-21-2541502201-1689814716-1813449491-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\BS_Player_ControlBar_B, , [76445d983c4ddd59c99b90d9df2441bf],
PUP.Optional.Qone8, HKU\S-1-5-21-2541502201-1689814716-1813449491-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [befca94c038681b5130a696662a2e51b],

Registry Values: 6
PUP.Optional.Conduit.A, HKU\S-1-5-21-2541502201-1689814716-1813449491-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{31264A33-A653-46C4-AF49-1232C59A7DA5}, , [e8d2cb2a8405dd592657c520c53d758b],
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{31264A33-A653-46C4-AF49-1232C59A7DA5}, BS Player ControlBar B Toolbar, , [e8d2cb2a8405dd592657c520c53d758b]
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{31264A33-A653-46C4-AF49-1232C59A7DA5}, , [e8d2cb2a8405dd592657c520c53d758b],
PUP.Optional.Conduit.A, HKU\S-1-5-21-2541502201-1689814716-1813449491-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{31264a33-a653-46c4-af49-1232c59a7da5}, , [b307e213eb9ed85ed7a604e1ea187090],
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{31264a33-a653-46c4-af49-1232c59a7da5}, , [cded1bda8efbd75fd7a6de0747bb6a96],
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{31264a33-a653-46c4-af49-1232c59a7da5}, , [e5d549ac4f3ac373bfbec025d42e0bf5],

Registry Data: 14
PUP.Optional.OmigaPlus.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://isearch.omiga-plus.com/?type=sc& ... 93CH9L93CX, Good: (firefox.exe), Bad: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://isearch.omiga-plus.com/?type=sc& ... 93CH9L93CX),,[76448174c5c42d090ba6117f828344bc]
PUP.Optional.OmigaPlus.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://isearch.omiga-plus.com/?type=sc& ... 93CH9L93CX, Good: (Chrome.exe), Bad: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://isearch.omiga-plus.com/?type=sc& ... 93CH9L93CX),,[a8127580107965d1a410b5dbfd08956b]
PUP.Optional.OmigaPlus.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Internet Explorer\iexplore.exe" http://isearch.omiga-plus.com/?type=sc& ... 93CH9L93CX, Good: (iexplore.exe), Bad: ("C:\Program Files (x86)\Internet Explorer\iexplore.exe" http://isearch.omiga-plus.com/?type=sc& ... 93CH9L93CX),,[e2d89b5a78110036d8da1a7657aec937]
PUP.Optional.OmigaPlus.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}, Good: (www.google.com), Bad: (http://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}),,[f2c865903f4ade584b6b5f319d688080]
PUP.Optional.OmigaPlus.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}, Good: (www.google.com), Bad: (http://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}),,[f5c5e90cb7d26fc7f7c3068af90cb947]
PUP.Optional.OmigaPlus.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, http://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}, Good: (www.google.com), Bad: (http://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}),,[f2c88471503950e63b7d6927de2708f8]
PUP.Optional.OmigaPlus.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}, Good: (www.google.com), Bad: (http://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}),,[e5d5ae4791f806303f7a5f31877e718f]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[febcad48ee9bbf77eef7c7c78a7b51af]
PUP.Optional.OmigaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://isearch.omiga-plus.com/?type=sc& ... 93CH9L93CX, Good: (firefox.exe), Bad: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://isearch.omiga-plus.com/?type=sc& ... 93CH9L93CX),,[645661945f2a9d996b46c0d0bb4aea16]
PUP.Optional.OmigaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://isearch.omiga-plus.com/?type=sc& ... 93CH9L93CX, Good: (Chrome.exe), Bad: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://isearch.omiga-plus.com/?type=sc& ... 93CH9L93CX),,[aa105a9bb6d3f73ff8bcaae6778e5ba5]
PUP.Optional.OmigaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Internet Explorer\iexplore.exe" http://isearch.omiga-plus.com/?type=sc& ... 93CH9L93CX, Good: (iexplore.exe), Bad: ("C:\Program Files (x86)\Internet Explorer\iexplore.exe" http://isearch.omiga-plus.com/?type=sc& ... 93CH9L93CX),,[3d7de015c9c063d30aa8860a5da815eb]
PUP.Optional.OmigaPlus.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}, Good: (www.google.com), Bad: (http://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}),,[b604fafb810845f1edcddcb41ee756aa]
PUP.Optional.OmigaPlus.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, http://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}, Good: (www.google.com), Bad: (http://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}),,[4b6fcc29a6e32313a90fbdd3976e4eb2]
PUP.Optional.OmigaPlus.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}, Good: (www.google.com), Bad: (http://isearch.omiga-plus.com/web/?type ... H9L93CX&q={searchTerms}),,[55650aeb29609e98d0e9cec244c18e72]

Folders: 6
PUP.Optional.Conduit.A, C:\Users\AduA!\AppData\LocalLow\BS_Player_ControlBar_B, , [cfeb6c89a1e8be78e6eb70d7fa097a86],
PUP.Optional.Conduit.A, C:\Users\AduA!\AppData\LocalLow\BS_Player_ControlBar_B\Logs, , [cfeb6c89a1e8be78e6eb70d7fa097a86],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, , [1b9f6194494024120ef2b298ca3927d9],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, , [1b9f6194494024120ef2b298ca3927d9],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, , [4179e70eb4d5fb3b1152ec7bf0130000],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, , [4179e70eb4d5fb3b1152ec7bf0130000],

Files: 21
PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, , [8a30c0355f2a6acc0a891ea57c85c13f],
PUP.Optional.ClientConnect, C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe, , [407ac72ef3964de9f6f6358b46bb837d],
PUP.Optional.4Shared, C:\blocem54.exe, , [c7f315e093f6f640e92cb54a25dc6c94],
PUP.Optional.ClientConnect, C:\Users\AduA!\AppData\Local\Tbccint\Community Alerts\Alert.dll, , [ad0d3abb92f7cf67db11c5fb51b02dd3],
PUP.Optional.Conduit.A, C:\Users\AduA!\AppData\Local\Tbccint\CT3329621\BS_Player_ControlBar_BAutoUpdateHelper.exe, , [e4d645b058310234eb626dd3768af808],
PUP.Optional.Conduit.A, C:\Users\AduA!\AppData\Local\Tbccint\CT3329621\BS_Player_ControlBar_BToolbarHelper.exe, , [9a2060950980e6502c21db65946c619f],
PUP.Optional.AZLyrics.A, C:\Users\AduA!\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage, , [2991e90c6326f34331674e1f7f8428d8],
PUP.Optional.AZLyrics.A, C:\Users\AduA!\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal, , [4e6ca550d9b0de580494b9b4b54e05fb],
PUP.Optional.OmigaPlus.A, C:\Users\AduA!\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage-journal, , [a71337be57327abcdf2ddd91ed1644bc],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{45f53f5d-5052-4d06-bda8-a4383a454e96}Gw64.sys, , [11a937be682145f160ea87fdab58748c],
PUP.Optional.BuenoSearch.A, C:\Users\AduA!\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.buenosearch.com_0.localstorage-journal, , [9f1b6194b3d6c670ab6703a27d860ff1],
PUP.Optional.ISearch.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\omiga-plus.xml, , [506a817486032313e1d1d002ba4a39c7],
PUP.Optional.IHProtect.A, C:\Program Files (x86)\STab\ProtectService.exe, , [3189d71e0d7c8aac37712a3e2ad99868],
PUP.Optional.Conduit.A, C:\Users\AduA!\AppData\LocalLow\BS_Player_ControlBar_B\cctoolbar.cfg, , [cfeb6c89a1e8be78e6eb70d7fa097a86],
PUP.Optional.Conduit.A, C:\Users\AduA!\AppData\LocalLow\BS_Player_ControlBar_B\hk64tbBS_P.dll, , [cfeb6c89a1e8be78e6eb70d7fa097a86],
PUP.Optional.Conduit.A, C:\Users\AduA!\AppData\LocalLow\BS_Player_ControlBar_B\hktbBS_P.dll, , [cfeb6c89a1e8be78e6eb70d7fa097a86],
PUP.Optional.Conduit.A, C:\Users\AduA!\AppData\LocalLow\BS_Player_ControlBar_B\ldrtbBS_P.dll, , [cfeb6c89a1e8be78e6eb70d7fa097a86],
PUP.Optional.Conduit.A, C:\Users\AduA!\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll, , [cfeb6c89a1e8be78e6eb70d7fa097a86],
PUP.Optional.Conduit.A, C:\Users\AduA!\AppData\LocalLow\BS_Player_ControlBar_B\tbBS_P.dll, , [cfeb6c89a1e8be78e6eb70d7fa097a86],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, , [1b9f6194494024120ef2b298ca3927d9],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update\conf, , [4179e70eb4d5fb3b1152ec7bf0130000],

Physical Sectors: 0
(No malicious items detected)


(end)

# AdwCleaner v3.302 - Report created 10/01/2015 at 15:28:12
# Updated 30/07/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Aduš - ADUŠ-PC
# Running from : C:\Users\Aduš\Downloads\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : TBSrv
Service Deleted : {45f53f5d-5052-4d06-bda8-a4383a454e96}Gw64

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Tbccint
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\Program Files (x86)\Tbccint
Folder Deleted : C:\Users\Aduš\AppData\Local\cool_mirage
Folder Deleted : C:\Users\Aduš\AppData\Local\Tbccint
Folder Deleted : C:\Users\Aduš\AppData\LocalLow\Tbccint
File Deleted : C:\Windows\System32\drivers\{45f53f5d-5052-4d06-bda8-a4383a454e96}Gw64.sys
File Deleted : C:\Users\Aduš\AppData\Roaming\Mozilla\Firefox\Profiles\75ca2718.default\user.js
File Deleted : C:\Users\Aduš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.buenosearch.com_0.localstorage-journal
File Deleted : C:\Users\Aduš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Aduš\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Aduš\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Aduš\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3329621
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3329621
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Tbccint
Key Deleted : HKCU\Software\Tbccint_HKLM
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Tbccint
Key Deleted : HKCU\Software\AppDataLow\Software\TbccintSearchScopes
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\omiga-plusSoftware
Key Deleted : HKLM\Software\SupDp
Key Deleted : HKLM\Software\supWindowsMangerProtect

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v34.0.5 (x86 cs)

[ File : C:\Users\Aduš\AppData\Roaming\Mozilla\Firefox\Profiles\75ca2718.default\prefs.js ]

Line Deleted : user_pref("CT3329621.FF19Solved", "true");
Line Deleted : user_pref("CT3329621.UserID", "UN20877578321339632");
Line Deleted : user_pref("CT3329621.dum", "2");
Line Deleted : user_pref("CT3329621.fullUserID", "UN20877578321339632.IN.20141209225316");
Line Deleted : user_pref("CT3329621.installDate", "09/12/2014 22:53:20");
Line Deleted : user_pref("CT3329621.installSessionId", "9c426efe-aa47-4295-a643-8b0743ae128d");
Line Deleted : user_pref("CT3329621.installSp", "FALSE");
Line Deleted : user_pref("CT3329621.installerVersion", "1.11.0.11");
Line Deleted : user_pref("CT3329621.searchRevert", "@searchrevert@");
Line Deleted : user_pref("CT3329621.searchUninstallUserMode", "4");
Line Deleted : user_pref("CT3329621.searchUserMode", "4");
Line Deleted : user_pref("CT3329621.toolbarInstallDate", "09-12-2014 22:53:16");
Line Deleted : user_pref("CT3329621.versionFromInstaller", "10.35.0.3");
Line Deleted : user_pref("CT3329621.xpeMode", "1");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.omiga?type=hppppppppppppp");
Line Deleted : user_pref("smartbar.machineId", "U3RPJMRAC0WP8TSLIN2CSIEMJCXE20LLYTLXH75URZS3BPHPMI1WNIAM9GJFBX5SDVEWZ3VWEC3LOQUTWFYLEW");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Aduš\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://isearch.omigaweb/?type=dspp&q={searchTerms}
Deleted [Search Provider] : hxxp://isearch.omigaweb/?type=dspp&q={searchTerms}

*************************

AdwCleaner[R0].txt - [35851 octets] - [04/08/2014 12:42:49]
AdwCleaner[R1].txt - [35918 octets] - [04/08/2014 20:41:06]
AdwCleaner[R2].txt - [9211 octets] - [10/01/2015 03:03:21]
AdwCleaner[R3].txt - [9193 octets] - [10/01/2015 15:08:38]
AdwCleaner[S0].txt - [35446 octets] - [04/08/2014 20:42:45]
AdwCleaner[S1].txt - [7088 octets] - [10/01/2015 15:28:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [7148 octets] ##########

Z hlediska AdwCleaneru se to zdá už v pořádku. Proč sis nestáhla ten aktuální AdwCleaner z toho mého odkazu?
Aktualizuje se to cca 1x do týdne, takže máš hodně zastaralou verzi.

Co se týká Firefoxu, zkus ho spustit v nouzovém režimu (při spouštění Firefoxu přidrž Shift).
Pokud to pak nebude padat, byla chyba asi v Rozšířeních (Ctrl+Shift+A).

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Professional x64
Ran by Aduç on so 10.01.2015 at 15:43:55,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update linkswift
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util linkswift
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateLinkSwift_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateLinkSwift_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilLinkSwift_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilLinkSwift_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateLinkSwift_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateLinkSwift_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilLinkSwift_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilLinkSwift_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9339A9DE-3FB5-4A1C-8194-13FFAC938BCB}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264a33-a653-46c4-af49-1232c59a7da5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{31264a33-a653-46c4-af49-1232c59a7da5}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264a33-a653-46c4-af49-1232c59a7da5}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{31264a33-a653-46c4-af49-1232c59a7da5}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264a33-a653-46c4-af49-1232c59a7da5}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{31264a33-a653-46c4-af49-1232c59a7da5}



~~~ Files

Successfully deleted: [File] "C:\Users\Aduç\appdata\local\google\chrome\user data\default\local storage\http_www.azlyrics.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Aduç\appdata\local\google\chrome\user data\default\local storage\http_www.azlyrics.com_0.localstorage-journal"



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\Users\Aduç\AppData\Roaming\mozilla\firefox\profiles\75ca2718.default\user.js
Emptied folder: C:\Users\Aduç\AppData\Roaming\mozilla\firefox\profiles\75ca2718.default\minidumps [8 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 10.01.2015 at 15:50:21,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ogueKiller V10.1.2.0 (x64) [Jan 7 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Aduš [Práva správce]
Mód : Prohledat -- Datum : 01/10/2015 17:06:02

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 17 ¤¤¤
[PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WindowsMangerProtect (C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service) -> Nalezeno
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WindowsMangerProtect (C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service) -> Nalezeno
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WindowsMangerProtect (C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service) -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nalezeno
[PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B903DCBD-16E7-4B31-90D9-814C828842DD} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{B903DCBD-16E7-4B31-90D9-814C828842DD} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{B903DCBD-16E7-4B31-90D9-814C828842DD} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS547564A9E384 ATA Device +++++
--- User ---
[MBR] b83bd3c75d10d3cb2a7dc12b6d2df943
[BSP] 7ad93314db0007bbac2689e6bcc97239 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 99900 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 204802048 | Size: 510477 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_08052014_125150.log - RKreport_SCN_08042014_224743.log - RKreport_SCN_08052014_124939.log

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka).
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva" a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

====================================================

Stáhni
Zoek.exe

a ulož si ho na plochu.
Zavři všechny ostatní programy, okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor, náběh programu může trvat déle.

Do okna programu vlož skript níže:


Klikni na Run Script
Program provede sken, opravu, sken i oprava může trvat i více minut, je třeba posečkat do konce. Do okna neklikej!
rogram nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů, jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.