Please check my log (Solved)


Post by Max583 » 16 Jan 2015 10:33

Please check my log. My PC has started to freeze and has slowed down a lot. I also have a problem with my connection. My provider claims that everything is fine, but when I measure the speed it fluctuates terribly depending on the site where I measure it: download from 39 to 61 Mbps and upload from 12 to 42 Mbps. I don't know whether it is possible that each site measures differently, but such differences are strange. Thank you.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:25:00, on 16.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)


Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
D:\Programy\RocketDock\RocketDock.exe
D:\Programy\Rainlendar2\Rainlendar2.exe
C:\Users\Bohouš\AppData\Local\temp\Rar$EXa0.014\HotkeyP.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\plugin-nm-server.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\klwtblfs.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
D:\Stažené soubory\Downloads\HijackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: (no name) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - (no file)
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKCU\..\Run: [RocketDock] "D:\Programy\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Rainlendar2] D:\Programy\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [HotkeyP] C:\Users\Bohouš\AppData\Local\temp\Rar$EXa0.014\HotkeyP.exe 0
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Open with WordPerfect - c:\Program Files\Corel\WordPerfect Office X7\Programs\WPLauncher.hta
O9 - Extra button: Virtuální klávesnice - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Kaspersky Anti-Virus 15.0.0 (AVP15.0.0) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe

--
End of file - 5769 bytes


Re: Please check my log

Post by jaro3 » 16 Jan 2015 10:47

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

- If you only use Google Chrome, you don't need to use ATF.


Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Prohledat-Scan"
After the scan a log will appear (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Download Malwarebytes' Anti-Malware
- During installation, untick "Enable free trial of Malwarebytes' Anti-Malware Premium"
Install it and run it
- at the end of the installation make sure both options are ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; click Scan Now
- after the program finishes, a message will appear at the bottom right; click Copy to Clipboard and paste the entire log here.

- then click the Exit button; a prompt will appear, choose Yes
(do not delete anything yet!).

If there are problems, run it in Safe Mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Please check my log

Post by Max583 » 16 Jan 2015 13:36

Unfortunately, MBAM would not install at all.

# AdwCleaner v4.107 - Report created 16/01/2015 at 11:42:30
# Updated 07/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Bohouš - BOHOUŠ-PC
# Running from : C:\Users\Bohouš\Desktop\AdwCleaner (3).exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Program Files\ShopperPro
Folder Found : C:\Program Files\YouTube Accelerator
Folder Found : C:\ProgramData\22ab63285fa54721
Folder Found : C:\ProgramData\ShopperPro
Folder Found : C:\Users\Bohouš\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bbglkiiiofelplniblholffbhhjmdhhi
Folder Found : C:\Users\Bohouš\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kigpmgkoelepakabiliblldhdpnidcod
Folder Found : C:\Users\Bohouš\AppData\Local\CrashRpt
Folder Found : C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Folder Found : C:\Users\Bohouš\AppData\Local\Slick Savings
Folder Found : C:\Users\Bohouš\AppData\LocalLow\Internet Speed Checker
Folder Found : C:\Users\Public\Documents\Goobzo
Folder Found : C:\Users\Public\Documents\ShopperPro

***** [ Scheduled Tasks ] *****

Task Found : ShopperProJSUpd

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\Goobzo
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Found : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Found : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Found : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Found : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Found : HKLM\SOFTWARE\ShopperPro

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Google Chrome v36.0.1985.143

[C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.certified-toolbar.com?si= ... tid=592&q={searchTerms}
[C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.certified-toolbar.com?si= ... tid=592&q={searchTerms}

-\\ Comodo Dragon v


*************************

AdwCleaner[R0].txt - [17917 octets] - [17/08/2014 11:13:48]
AdwCleaner[R1].txt - [6181 octets] - [17/08/2014 18:18:00]
AdwCleaner[R2].txt - [2985 octets] - [16/01/2015 11:42:30]
AdwCleaner[S0].txt - [6459 octets] - [17/08/2014 18:19:31]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [3105 octets] ##########


Re: Please check my log

Post by jaro3 » 16 Jan 2015 18:41

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Prohledat-Scan"; after the scan, click "Vymazat-Clean".

The program will perform the repair; after the automatic restart it will not display the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

Download Junkware Removal Tool by Thisisu

to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear, which is saved on the desktop.
Please copy its entire contents here.

Download RogueKiller by Adlice Software
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
Kontrola MBR (MBR check)
Kontrola Faked (Faked check)
Antirootkit

- Then click "Prohledat" (Scan).
- The program scans the PC's processes. After the scan, click "Zpráva" (Report) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still will not start and work, rename it to winlogon.exe.

Re: Please check my log

Post by Max583 » 17 Jan 2015 10:25

# AdwCleaner v4.107 - Report created 17/01/2015 at 09:55:20
# Updated 07/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Bohouš - BOHOUŠ-PC
# Running from : C:\Users\Bohouš\Desktop\AdwCleaner (3).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\22ab63285fa54721
Folder Deleted : C:\Program Files\ShopperPro
Folder Deleted : C:\Program Files\YouTube Accelerator
Folder Deleted : C:\Users\Bohouš\AppData\Local\Slick Savings
Folder Deleted : C:\Users\Bohouš\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Bohouš\AppData\LocalLow\Internet Speed Checker
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\Bohouš\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kigpmgkoelepakabiliblldhdpnidcod
Folder Deleted : C:\Users\Bohouš\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bbglkiiiofelplniblholffbhhjmdhhi
File Deleted : C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : ShopperProJSUpd

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Goobzo

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Google Chrome v36.0.1985.143

[C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.certified-toolbar.com?si= ... tid=592&q={searchTerms}
[C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.certified-toolbar.com?si= ... tid=592&q={searchTerms}

-\\ Comodo Dragon v

[C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.certified-toolbar.com?si= ... tid=592&q={searchTerms}
[C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.certified-toolbar.com?si= ... tid=592&q={searchTerms}

*************************

AdwCleaner[R0].txt - [17917 octets] - [17/08/2014 11:13:48]
AdwCleaner[R1].txt - [6181 octets] - [17/08/2014 18:18:00]
AdwCleaner[R2].txt - [3185 octets] - [16/01/2015 11:42:30]
AdwCleaner[R3].txt - [3031 octets] - [17/01/2015 09:46:04]
AdwCleaner[S0].txt - [6459 octets] - [17/08/2014 18:19:31]
AdwCleaner[S1].txt - [3362 octets] - [17/01/2015 09:55:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3422 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Ultimate x86
Ran by Bohouç on so 17.01.2015 at 10:01:37,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\System32\Tasks\Driver Booster SkipUAC (Bohouç)
Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 17.01.2015 at 10:06:33,89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
RogueKiller V10.1.2.0 [Jan 7 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : Bohouš [Práva správce]
Mód : Prohledat -- Datum : 01/17/2015 10:18:54

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 14 ¤¤¤
[Suspicious.Path] HKEY_USERS\S-1-5-21-2306539700-457595284-510098243-1001\Software\Microsoft\Windows\CurrentVersion\Run | HotkeyP : C:\Users\Bohouš\AppData\Local\temp\Rar$EXa0.014\HotkeyP.exe 0 -> Nalezeno
[PUM.HomePage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nalezeno
[PUM.HomePage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nalezeno
[PUM.SearchPage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] HKEY_USERS\S-1-5-21-2306539700-457595284-510098243-1001\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 77.237.128.2 77.237.128.1 192.168.1.1 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 77.237.128.2 77.237.128.1 192.168.1.1 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 77.237.128.2 77.237.128.1 192.168.1.1 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3DCF8740-518D-40BD-940E-62F2FED3196D} | DhcpNameServer : 77.237.128.2 77.237.128.1 192.168.1.1 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{3DCF8740-518D-40BD-940E-62F2FED3196D} | DhcpNameServer : 77.237.128.2 77.237.128.1 192.168.1.1 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{3DCF8740-518D-40BD-940E-62F2FED3196D} | DhcpNameServer : 77.237.128.2 77.237.128.1 192.168.1.1 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-2306539700-457595284-510098243-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-2306539700-457595284-510098243-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno

¤¤¤ Úlohy : 1 ¤¤¤
[Suspicious.Path] \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -- C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Scan -ScheduleJob -RestrictPrivileges) -> Nalezeno

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST340014A ATA Device +++++
--- User ---
[MBR] c739e60b57ac8abc11d8279d7a5ac0a7
[BSP] ab99cc4c3e011a3a9cca4b69a968049e : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 38063 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WDC WD5000AVDS-63U7B1 ATA Device +++++
--- User ---
[MBR] b4dd07df154ef37bcc0d73bbec167488
[BSP] 6a52188395639a4256825024f288b9ff : HP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 476937 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_08182014_072016.log - RKreport_SCN_08172014_194452.log - RKreport_SCN_08182014_071854.log


Re: Please check my log

Post by Orcus » 17 Jan 2015 12:15

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until Prescan has finished...
- Wait until the status window shows "Prohledat" (Scan)
- In the tabs (Registry, Tasks, Web Browser, etc.), tick everything.
- Click "Smazat" (Delete)
- Wait until the status box shows "Mazání dokončeno" (Deletion finished)
- Click "Zpráva" (Report), then copy and paste the contents of that report here. The log can be found in RKreport [number].txt on the desktop.
- Close RogueKiller

====================================================

Download
Zoek.exe

and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, Windows 7 and 8, right-click it and choose "Run as administrator")
- note that the program may take a while to start.

Paste the script below into the program window:

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


Click Run Script
The program will perform a scan and a repair; both the scan and the repair may take several minutes, so wait until the end. Do not click in the window!
The program will offer a restart; confirm it.

After the restart, only a black screen may be shown for some time; this is normal. Wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.
Love keeps you warm, but coal is coal. :fire:



Post HJT logs in the HJT section. If a log is too long, split it into several messages.

A few tips on PC security.

While I am away, memphisto, jaro3 and Diallix stand in for me.

If you are satisfied, you can support our forum.


Re: Please check my log

Post by Max583 » 17 Jan 2015 13:42

RogueKiller V10.1.2.0 [Jan 7 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : Bohouš [Práva správce]
Mód : Smazat -- Datum : 01/17/2015 12:50:26

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 13 ¤¤¤
[PUM.HomePage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nevybráno
[PUM.HomePage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nevybráno
[PUM.SearchPage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nevybráno
[PUM.SearchPage] HKEY_USERS\S-1-5-21-2306539700-457595284-510098243-1001\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nevybráno
[PUM.SearchPage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nevybráno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 77.237.128.2 77.237.128.1 192.168.1.1 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nevybráno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 77.237.128.2 77.237.128.1 192.168.1.1 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nevybráno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 77.237.128.2 77.237.128.1 192.168.1.1 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nevybráno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3DCF8740-518D-40BD-940E-62F2FED3196D} | DhcpNameServer : 77.237.128.2 77.237.128.1 192.168.1.1 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nevybráno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{3DCF8740-518D-40BD-940E-62F2FED3196D} | DhcpNameServer : 77.237.128.2 77.237.128.1 192.168.1.1 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nevybráno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{3DCF8740-518D-40BD-940E-62F2FED3196D} | DhcpNameServer : 77.237.128.2 77.237.128.1 192.168.1.1 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nevybráno
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-2306539700-457595284-510098243-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nevybráno
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-2306539700-457595284-510098243-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nevybráno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST340014A ATA Device +++++
--- User ---
[MBR] c739e60b57ac8abc11d8279d7a5ac0a7
[BSP] ab99cc4c3e011a3a9cca4b69a968049e : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 38063 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WDC WD5000AVDS-63U7B1 ATA Device +++++
--- User ---
[MBR] b4dd07df154ef37bcc0d73bbec167488
[BSP] 6a52188395639a4256825024f288b9ff : HP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 476937 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_01172015_115402.log - RKreport_DEL_08182014_072016.log - RKreport_SCN_01172015_101854.log - RKreport_SCN_08172014_194452.log
RKreport_SCN_08182014_071854.log - RKreport_SCN_01172015_124136.log - RKreport_SCN_01172015_124551.log - RKreport_SCN_01172015_124928.log



Zoek.exe v5.0.0.0 Updated 15-01-2015
Tool run by Bohouç on so 17.01.2015 at 12:53:05,50.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\BOHOU~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

17.1.2015 12:54:59 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Program Files\Common Files\MicroWorld deleted successfully
C:\PROGRA~2\GlarySoft deleted successfully
C:\PROGRA~2\ProductData deleted successfully
C:\PROGRA~2\WordPerfect Office X7 deleted successfully
C:\PROGRA~2\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\Users\BOHOU~1\AppData\LocalLow\{247DF953-C7A2-FA63-72F2-8DD565192B32} deleted
C:\Users\BOHOU~1\AppData\Local\1cdc1152-ac0b-425e-68bc-ea01bd8176d8 deleted
C:\Users\BOHOU~1\.android deleted
C:\Users\BOHOU~1\AppData\Local\cache deleted
C:\Users\BOHOU~1\AppData\Local\Installer deleted
C:\Users\BOHOU~1\AppData\LocalLow\ADSRemoval deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Windows\system32\GroupPolicy\Machine deleted
C:\Windows\system32\GroupPolicy\User deleted
C:\Windows\system32\GroupPolicy\gpt.ini deleted
C:\Windows\System32\AniGIF.ocx deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"url_advisor@kaspersky.com"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com" [11.10.2014 09:46]

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\BOHOU~1\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\BOHOU~1\AppData\Local\Comodo\Dragon deleted

==== Chromium Look ======================

Google Chrome Version: 36.0.1985.143 (Possible outdated, latest Stable version: 39.0.2171.99)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dbhjdbfgekjfcfkkfjjmlmojhbllhbho - https://chrome.google.com/webstore/deta ... ojhbllhbho[]


==== Chromium Startpages ======================

C:\Users\BOHOU~1\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.seznam.cz/",
"startup_urls": [ "http://www.seznam.cz/" ],


==== Chromium Fix ======================

C:\Users\BOHOU~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\BOHOU~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{01EDEB70-75E3-4F9B-B244-84B3EE2B30B9} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_16194"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{18A7D71A-E0E6-4534-A56A-396C6FF119A8} Zboží.cz Url="http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_16194"
{454C63EA-A82E-41E3-B92F-3E55DFABE7F5} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194"
{60D63F33-9D07-49D6-8852-C5C2AF2263E6} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_16194"
{C18B3072-F6BA-41F2-80AA-6A5C391C5D2C} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194"
{CA2B0348-FD62-4A7A-ABA4-9D431FD52FA1} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194"
{D84AC287-649A-4D89-9B72-A67DDE0C6A38} Slovník EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194"
{FA21F1BA-DF27-4EF8-B985-E5C9CF96C792} Slovník CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194"

==== Reset Google Chrome ======================

C:\Users\BOHOU~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\BOHOU~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Users\BOHOU~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\BOHOU~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=151 folders=27 4943945 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Guest\AppData\Local\temp emptied successfully
C:\Users\HomeGroupUser$\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\BOHOU~1\AppData\Local\temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\BOHOU~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on so 17.01.2015 at 13:35:21,71 ======================

Orcus
Security team member
Elite Level 10.5
Posts: 10645
Registered: April 10
Location: 3 roses grow all around =o)
Gender: Male

Re: Please check my LOG

Post by Orcus » 18 Jan 2015 09:22

You didn't select some of the items in RK. Please do it once more, following the instructions. :-)

Max583
Level 2.5
Posts: 289
Registered: June 10
Location: Most
Gender: Male

Re: Please check my LOG

Post by Max583 » 18 Jan 2015 10:55

I did it exactly as you asked - there really isn't anything more there. Oh, and afterwards I couldn't connect to the internet. I had to restart the router and then it worked.
RogueKiller V10.1.2.0 [Jan 7 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : Bohouš [Práva správce]
Mód : Smazat -- Datum : 01/18/2015 10:47:07

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST340014A ATA Device +++++
--- User ---
[MBR] c739e60b57ac8abc11d8279d7a5ac0a7
[BSP] ab99cc4c3e011a3a9cca4b69a968049e : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 38063 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WDC WD5000AVDS-63U7B1 ATA Device +++++
--- User ---
[MBR] b4dd07df154ef37bcc0d73bbec167488
[BSP] 6a52188395639a4256825024f288b9ff : HP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 476937 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_01172015_115402.log - RKreport_DEL_01172015_125026.log - RKreport_DEL_08182014_072016.log - RKreport_SCN_01172015_101854.log
RKreport_SCN_01172015_124136.log - RKreport_SCN_01172015_124551.log - RKreport_SCN_01172015_124928.log - RKreport_SCN_08172014_194452.log
RKreport_SCN_08182014_071854.log - RKreport_SCN_01182015_103520.log - RKreport_DEL_01182015_103548.log - RKreport_DEL_01182015_103601.log
RKreport_SCN_01182015_104127.log - RKreport_DEL_01182015_104147.log - RKreport_DEL_01182015_104205.log - RKreport_DEL_01182015_104222.log
RKreport_SCN_01182015_104625.log - RKreport_DEL_01182015_104659.log

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male

Re: Please check my LOG

Post by memphisto » 18 Jan 2015 17:49

How is the PC doing? Please also post a new HJT log.

Max583
Level 2.5
Posts: 289
Registered: June 10
Location: Most
Gender: Male

Re: Please check my LOG

Post by Max583 » 19 Jan 2015 09:09

The PC is in considerably better shape now; only the internet, the speed, is still giving me trouble - but we probably won't solve that here.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:06:40, on 19.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
D:\Programy\RocketDock\RocketDock.exe
D:\Programy\Rainlendar2\Rainlendar2.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
D:\Plánovače\čištění\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKCU\..\Run: [RocketDock] "D:\Programy\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Rainlendar2] D:\Programy\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Open with WordPerfect - c:\Program Files\Corel\WordPerfect Office X7\Programs\WPLauncher.hta
O9 - Extra button: Virtuální klávesnice - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Kaspersky Anti-Virus 15.0.0 (AVP15.0.0) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe

--
End of file - 5072 bytes

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my LOG

Post by jaro3 » 19 Jan 2015 09:59

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) or external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until the Prescan finishes...
- Then click "Scan"; once it finishes:

- In the tabs (Registry, Tasks, Web Browser, etc.) tick everything (put check marks)
(you have to use the mouse to put a check mark in the little box to the left of the registry entry etc.)

- Click "Delete"
- Wait until the Status box shows "Deleting finished"
- Click "Report" and please copy and paste the contents of that report here. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide

Code:

O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')


Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click inside the window that appears
- After the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If there are problems, run it in Safe Mode.

Warning: After running ComboFix and restarting the computer, it may happen that Windows does not start, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

