Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:37:04, on 12.5.2015
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\DFX\DFX.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Logitech\Profiler\LWEMon.exe
C:\Program Files\DFX\Universal\Apps\DfxSharedApp32.exe
C:\Users\Doma\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Doma\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... K4949K4949
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com/web/?type=dsp ... 49K4949&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com/web/?type=dsp ... 49K4949&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... K4949K4949
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... K4949K4949
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... 49K4949&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... 49K4949&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... K4949K4949
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [DFX] C:\Program Files\DFX\DFX.exe -startup
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [1C644EF510D66F77E25C24D0EF8A1243BE101440._service_run] "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Doma\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Doma\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 6632 bytes
I kindly ask you to check my log. Slow as an elephant. Thank you
- jerabina
- Security team member
Re: I kindly ask you to check my log. Slow as an elephant. Thank you
All right, let's start with the classics and then we'll see.
Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from a web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
- If you use only Google Chrome, you don't need to use ATF.
===================================================
Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it doesn't, restart it yourself.
===================================================
Download AdwCleaner (by Xplode)
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Scan" ("Prohledat")
After the scan a log will appear (it is also saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.
===================================================
Download Malwarebytes' Anti-Malware
- During installation, untick "Enable free trial of Malwarebytes' Anti-Malware Premium"
Install it and run it
- at the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; click Scan Now, and
- once the program has finished, a message will appear at the bottom right; click Copy to Clipboard and paste the entire log here.
- then click the Exit button; a prompt will appear, so choose Yes
(don't delete anything yet!).
If there are problems, run it in safe mode.
When you don't know what to do next, it's time to study the manual!
HJT guide
If I don't reply to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.
Re: I kindly ask you to check my log. Slow as an elephant. Thank you
# AdwCleaner v4.203 - Logfile created 12/05/2015 at 16:45:55
# Updated 30/04/2015 by Xplode
# Database : 2015-05-12.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Doma - DOMA-PC
# Running from : C:\Users\Doma\Desktop\adwcleaner_4.203.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage
File Found : C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage-journal
Folder Found : C:\Program Files\IncludeEdit
Folder Found : C:\Program Files\PriiceMinuus
Folder Found : C:\Program Files\PrriceMiinUs
Folder Found : C:\Program Files\ShopperPro
Folder Found : C:\Program Files\XTab
Folder Found : C:\Program Files\YTDownloader
Folder Found : C:\ProgramData\9379662353258258540
Folder Found : C:\ProgramData\blgedkhpbgoligglmphnngfjmnmokphg
Folder Found : C:\ProgramData\blgedkhpbgoligglmphnngfjmnmokphg
Folder Found : C:\ProgramData\IHProtectUpDate
Folder Found : C:\ProgramData\imeoijidjaogmogdphfcbafaflikhjlo
Folder Found : C:\ProgramData\imeoijidjaogmogdphfcbafaflikhjlo
Folder Found : C:\ProgramData\ShopperPro
Folder Found : C:\ProgramData\WindowsMangerProtect
Folder Found : C:\Users\Doma\AppData\Local\BrowserHelper
Folder Found : C:\Users\Doma\AppData\Roaming\EZDownloader
Folder Found : C:\Users\Doma\AppData\Roaming\oursurfing
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
Shortcut Infected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Infected : C:\Users\Doma\Desktop\Spouštěč aplikací Chrome.lnk
Shortcut Infected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Infected : C:\Users\Doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Infected : C:\Users\Doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk
Shortcut Infected : C:\Users\Doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\BitGo.lnk
Shortcut Infected : C:\Users\Doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Infected : C:\Users\Doma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Infected : C:\Users\Doma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Infected : C:\Users\Doma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
***** [ Registry ] *****
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.oursurfing.com/?type=sc&ts=1 ... K4949K4949
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Found : HKCU\Software\simplytech
Key Found : HKCU\Software\TNT2
Key Found : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\276a0bf5-aa41-9c78-9f92-e31ef96c1f3a
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{40951615-F2E2-4855-9BB0-68F80D247514}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{ADA38E4E-F20A-4399-BE91-E260AC341C69}
Key Found : HKLM\SOFTWARE\IHProtect
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Found : HKLM\SOFTWARE\mystartsearchSoftware
Key Found : HKLM\SOFTWARE\oursurfingSoftware
Key Found : HKLM\SOFTWARE\Speedchecker Limited
Key Found : HKLM\SOFTWARE\SupDp
Key Found : HKLM\SOFTWARE\supWindowsMangerProtect
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17728
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.oursurfing.com/web/?type=dsp ... 49K4949&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.mystartsearch.com/?type=hp&t ... K4949K4949
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.mystartsearch.com/?type=hp&t ... K4949K4949
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.oursurfing.com/web/?type=dsp ... 49K4949&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.mystartsearch.com/web/?type= ... 49K4949&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.mystartsearch.com/?type=hp&t ... K4949K4949
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.mystartsearch.com/?type=hp&t ... K4949K4949
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.mystartsearch.com/web/?type= ... 49K4949&q={searchTerms}
-\\ Google Chrome v42.0.2311.135
[C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.mystartsearch.com/web/?type= ... 49K4949&q={searchTerms}
[C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.oursurfing.com/web/?type=ds& ... 49K4949&q={searchTerms}
[C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : blgedkhpbgoligglmphnngfjmnmokphg
[C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : imeoijidjaogmogdphfcbafaflikhjlo
-\\ Opera v0.0.0.0
*************************
AdwCleaner[R0].txt - [8414 bytes] - [12/05/2015 16:45:55]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8473 bytes] ##########
Re: I kindly ask you to check my log. Slow as an elephant. Thank you
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 12.5.2015
Čas skenování: 16:53:19
Protokol:
Správce: Ano
Verze: 2.01.6.1022
Databáze malwaru: v2015.03.09.05
Databáze rootkitů: v2015.04.21.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Doma
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 424646
Uplynulý čas: 37 min, 19 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 22
PUP.Optional.Multiplug, HKU\S-1-5-21-2297444518-351592084-1249262491-1000_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [f881f152206afe38def39387996a48b8],
PUP.Optional.Multiplug, HKU\S-1-5-21-2297444518-351592084-1249262491-1000_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, , [f881f152206afe38def39387996a48b8],
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\IHProtect, , [b0c94df6711945f1e9f49d13f112e719],
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\mystartsearchSoftware, , [2257ef5409810c2a535d38803bc815eb],
PUP.Optional.SpeedChecker.A, HKLM\SOFTWARE\Speedchecker Limited, , [1267142f7e0c340253592d8711f218e8],
PUP.Optional.WPM.A, HKLM\SOFTWARE\supWindowsMangerProtect, , [6910bd86652554e28352ff2bd332619f],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [aacf3f04fa9064d2e4bb2aece61fca36],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, , [5227bb886a2043f30d7dfaaf0cf77c84],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, , [6712aa994941d85e6128d0d9b54e9070],
PUP.Optional.Vosteran, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, , [a9d0083b3654a78f5fc807b2897ae719],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, , [92e744ff0a8065d14344981158ab08f8],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507}, , [aacf063dd2b849ed496ce8dcf40fd42c],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, , [a3d6b78cf397340208cf9229ee1544bc],
PUP.Optional.TNT.A, HKU\S-1-5-21-2297444518-351592084-1249262491-1000\SOFTWARE\TNT2, , [0b6e360da9e138fe5618d2d9a36019e7],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2297444518-351592084-1249262491-1000\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [ed8c2a19e7a392a4191f3ee1c5403cc4],
PUP.Optional.Qone8, HKU\S-1-5-21-2297444518-351592084-1249262491-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [c1b8f0530a80a096237b17ff55b023dd],
PUP.Optional.Iminent.A, HKU\S-1-5-21-2297444518-351592084-1249262491-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, , [78015de65b2f70c6a0d11b8a15ee7b85],
PUP.Optional.Iminent.A, HKU\S-1-5-21-2297444518-351592084-1249262491-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, , [74053310deaca98d7ef44b5a29da47b9],
PUP.Optional.Linkey.A, HKU\S-1-5-21-2297444518-351592084-1249262491-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, , [b2c742017317c175383b099cd330e020],
PUP.Optional.Vosteran.A, HKU\S-1-5-21-2297444518-351592084-1249262491-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, , [9cdd0f3413777db993e14362b44f926e],
PUP.Optional.Wajam.A, HKU\S-1-5-21-2297444518-351592084-1249262491-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, , [c5b421225e2c1d19dc99d6cfa75c946c],
PUP.Optional.Wajam.A, HKU\S-1-5-21-2297444518-351592084-1249262491-1000\SOFTWARE\SIMPLYTECH\HomeTabWajIEnhance, , [20599ea5b0dac17565232b7ebb488c74],
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 7
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.mystartsearch.com/web/?type= ... 49K4949&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/web/?type= ... 49K4949&q={searchTerms}),,[8eebc67d1e6c0c2aea265a7ba1646e92]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.mystartsearch.com/?type=hp&t ... K4949K4949, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/?type=hp&t ... K4949K4949),,[522798ab62287cbad93720b54cb923dd]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.mystartsearch.com/?type=hp&t ... K4949K4949, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/?type=hp&t ... K4949K4949),,[ef8ac67dbcce87af0f019f3694714bb5]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.mystartsearch.com/web/?type= ... 49K4949&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/web/?type= ... 49K4949&q={searchTerms}),,[2c4dbf849cee3ff7c05008cdff06da26]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[2c4d85beb1d9a98d603a964b64a149b7]
PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-2297444518-351592084-1249262491-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.mystartsearch.com/?type=hp&t ... K4949K4949, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/?type=hp&t ... K4949K4949),,[c9b045fe4d3d2b0b070a6a6baa5b8b75]
PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-2297444518-351592084-1249262491-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.mystartsearch.com/?type=hp&t ... K4949K4949, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/?type=hp&t ... K4949K4949),,[6415a89b5f2b05314cc5f5e01ee70bf5]
Složky: 11
PUP.Optional.XTab.A, C:\Program Files\XTab, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\skin, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\skin\image, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, , [abce64df3c4e65d1118e1e62db289c64],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, , [abce64df3c4e65d1118e1e62db289c64],
PUP.Optional.Cinema.A, C:\Program Files\CinemaP-1.9cV16.03, , [f8818eb51872360009d3f09ba063d12f],
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro, , [8aef40032c5eaa8c4bccfc9004ff8080],
PUP.Optional.EzDownloader.A, C:\Users\Doma\AppData\Roaming\EZDownloader, , [7efb6ed59ded96a0efffc1db0ff4f30d],
PUP.Optional.EzDownloader.A, C:\Users\Doma\AppData\Roaming\EZDownloader\Errors, , [7efb6ed59ded96a0efffc1db0ff4f30d],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, , [f188093aa7e34ee85dd9c8d550b31be5],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, , [f188093aa7e34ee85dd9c8d550b31be5],
Soubory: 24
PUP.Optional.XTab.A, C:\Program Files\XTab\uninstall.exe, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\conf, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\ffsearch_toolbar!1.0.0.1031.xpi, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\msvcp110.dll, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\msvcr110.dll, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\searchProvider.xml, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\skin\about.png, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\skin\about_bk.png, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\skin\btn.png, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\skin\btn_apply.png, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\skin\close.png, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\skin\conf.xml, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\skin\conf_back.png, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\skin\input_bk.png, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\skin\logo.png, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\skin\main.xml, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\skin\radio_1.png, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\skin\radio_2.png, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\skin\rigth_arrow.png, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.XTab.A, C:\Program Files\XTab\skin\settings.png, , [f5843112395196a0af2f961a8e75718f],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, , [abce64df3c4e65d1118e1e62db289c64],
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\config.json, , [8aef40032c5eaa8c4bccfc9004ff8080],
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\database1_0_0.ej, , [8aef40032c5eaa8c4bccfc9004ff8080],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update\conf, , [f188093aa7e34ee85dd9c8d550b31be5],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
- jerabina
- member of the Security team
Re: Please, I beg you to check my log. Slow as an elephant. Thank you
There is quite a lot in there.
Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Prohledat-Scan", and after the scan click "Vymazat-Clean".
The program will perform the repair; after the automatic restart it will not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.
Run MbAM again and choose Scan Now
- when the program finishes, a prompt appears, so click "Quarantine All (Remove Selected)" and then "Export Log", choose "text file", give the file a name and save it somewhere. Copy the entire contents of that log here.
Download Junkware Removal Tool by Thisisu
to your desktop.
Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program starts scanning. The scan can take a long time, depending on the number of infections. When the scan ends, a log (JRT.txt) appears and is saved to the desktop.
Please copy its entire contents here.
Download RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
When you don't know what to do next, it's time to study the manual!
HJT guide
If I do not reply to your topics in the HJT section while I am online, it is only because I am on my phone, where studying logs and writing scripts is impossible. So please do not take it as being ignored.
Re: Please, I beg you to check my log. Slow as an elephant. Thank you
RogueKiller is unfortunately unavailable at http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe. Apparently the address no longer exists...

Re: Please, I beg you to check my log. Slow as an elephant. Thank you
# AdwCleaner v4.203 - Logfile created 12/05/2015 at 17:40:47
# Updated 30/04/2015 by Xplode
# Database : 2015-05-12.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Doma - DOMA-PC
# Running from : C:\Users\Doma\Desktop\adwcleaner_4.203.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\ShopperPro
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\IHProtectUpDate
Folder Deleted : C:\ProgramData\9379662353258258540
Folder Deleted : C:\Program Files\ShopperPro
Folder Deleted : C:\Program Files\YTDownloader
Folder Deleted : C:\Program Files\XTab
Folder Deleted : C:\Program Files\IncludeEdit
Folder Deleted : C:\Program Files\PriiceMinuus
Folder Deleted : C:\Program Files\PrriceMiinUs
Folder Deleted : C:\Users\Doma\AppData\Local\BrowserHelper
Folder Deleted : C:\Users\Doma\AppData\Roaming\EZDownloader
Folder Deleted : C:\Users\Doma\AppData\Roaming\oursurfing
Folder Deleted : C:\ProgramData\blgedkhpbgoligglmphnngfjmnmokphg
Folder Deleted : C:\ProgramData\imeoijidjaogmogdphfcbafaflikhjlo
File Deleted : C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage
File Deleted : C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage-journal
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Doma\Desktop\Spouštěč aplikací Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk
Shortcut Disinfected : C:\Users\Doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\BitGo.lnk
Shortcut Disinfected : C:\Users\Doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Doma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Doma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Doma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
***** [ Registry ] *****
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\276a0bf5-aa41-9c78-9f92-e31ef96c1f3a
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{40951615-F2E2-4855-9BB0-68F80D247514}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{ADA38E4E-F20A-4399-BE91-E260AC341C69}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\simplytech
Key Deleted : HKCU\Software\TNT2
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
Key Deleted : HKLM\SOFTWARE\IHProtect
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKLM\SOFTWARE\oursurfingSoftware
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17728
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Google Chrome v42.0.2311.135
[C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : blgedkhpbgoligglmphnngfjmnmokphg
[C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : imeoijidjaogmogdphfcbafaflikhjlo
-\\ Opera v0.0.0.0
*************************
AdwCleaner[R0].txt - [8552 bytes] - [12/05/2015 16:45:55]
AdwCleaner[R1].txt - [8066 bytes] - [12/05/2015 17:36:13]
AdwCleaner[S0].txt - [6483 bytes] - [12/05/2015 17:40:47]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6542 bytes] ##########
Re: Please, I beg you to check my log. Slow as an elephant. Thank you
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.0 (05.09.2015:1)
OS: Windows 7 Home Premium x86
Ran by Doma on út 12.05.2015 at 17:51:06,29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\Program Files\driver-soft
Successfully deleted: [Folder] C:\ProgramData\drivergenius
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on út 12.05.2015 at 17:54:37,98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Please, I beg you to check my log. Slow as an elephant. Thank you
RogueKiller V10.6.3.0 [May 11 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : Doma [Práva správce]
Started from : C:\Users\Doma\Desktop\RogueKiller.exe
Mód : Prohledat -- Datum : 05/12/2015 18:08:14
¤¤¤ Procesy : 1 ¤¤¤
[Proc.Svchost] svchost.exe(4216) -- C:\Windows\System32\svchost.exe[7] -> Zastaveno [TermProc]
¤¤¤ Registry : 5 ¤¤¤
[Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> Nalezeno
[Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast | (default) : {472083B0-C522-11CF-8763-00608CC02F24} -> Nalezeno
[Orphan] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263} | CLSID : {E0DD6CAB-2D10-11D2-8F1A-0000F87ABD16} -> Nalezeno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD5000BEVT-24A0RT0 ATA Device +++++
--- User ---
[MBR] c6779c703352283bec535cd83e31a033
[BSP] 2e9af2c598e38f41896b5fce548a1281 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 474930 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] EXTEN (0x5) [VISIBLE] Offset (sectors): 972660734 | Size: 2007 MB
User = LL1 ... OK
User = LL2 ... OK
- jerabina
- member of the Security team
Re: Please check my log. Slow as an elephant. Thank you
So an MBAM log as well, please.

When you don't know what to do next, it's time to study the manual!
HJT guide
If I don't reply to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.
Re: Please check my log. Slow as an elephant. Thank you
Yes, I'm working on it. Unfortunately the scan takes a long time, about 40 min.
Re: Please check my log. Slow as an elephant. Thank you
RogueKiller V10.6.3.0 [May 11 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : Doma [Práva správce]
Started from : C:\Users\Doma\Desktop\RogueKiller.exe
Mód : Prohledat -- Datum : 05/12/2015 18:08:14
¤¤¤ Procesy : 1 ¤¤¤
[Proc.Svchost] svchost.exe(4216) -- C:\Windows\System32\svchost.exe[7] -> Zastaveno [TermProc]
¤¤¤ Registry : 5 ¤¤¤
[Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> Nalezeno
[Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast | (default) : {472083B0-C522-11CF-8763-00608CC02F24} -> Nalezeno
[Orphan] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263} | CLSID : {E0DD6CAB-2D10-11D2-8F1A-0000F87ABD16} -> Nalezeno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD5000BEVT-24A0RT0 ATA Device +++++
--- User ---
[MBR] c6779c703352283bec535cd83e31a033
[BSP] 2e9af2c598e38f41896b5fce548a1281 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 474930 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] EXTEN (0x5) [VISIBLE] Offset (sectors): 972660734 | Size: 2007 MB
User = LL1 ... OK
User = LL2 ... OK