PC-HELP.CZ

Prtosim o kontrolu logu - hrozne se zpomalil i již tak pomaly notebook:
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Hack\Plocha\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchinterneat-a.akamaihd.net/h ... czU1RNI1E=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchinterneat-a.akamaihd.net/h ... czU1RNI1E=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Ask Shopping Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ\Passport.dll" (file missing)
O2 - BHO: Dragon Branch - {d640ce67-58e4-43c2-9adc-6bb959d7c606} - C:\Program Files\Dragon Branch\Extensions\d640ce67-58e4-43c2-9adc-6bb959d7c606.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll
O3 - Toolbar: Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ\Passport.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.8.0_31\bin\jusched.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RT-Updater-SVO.lnk = C:\Auto-diagnostika\VCDS.exe
O4 - Startup: RT-Updater.lnk = C:\Auto-diagnostika\vagcom.exe
O4 - Global Startup: ADnews.lnk = C:\Auto-diagnostika\ADnews.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 9857473312
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: IE Search Set (SearchProtectionService) - Unknown owner - C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
O23 - Service: Service Mgr DragonBranch - Unknown owner - C:\Documents and Settings\All Users\Data aplikací\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugincontainer.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SECONS uOBD Service (uobdserv) - Unknown owner - C:\WINDOWS\system32\uobdserv.exe
O23 - Service: Update Mgr DragonBranch - Unknown owner - C:\Program Files\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb\updater.exe

--
End of file - 10352 bytes

Chybí začátek logu..

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.


Stáhni si TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu klikni na „Logfile“ ,objeví log ( jinak je uložen systémovem disku jako AdwCleaner[C?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na Uložit výsledky a vyber zkopírovat do schránky a vlož sem celý log.
-jinak se log nachází zde: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

Posílam cely log, omlouvám se za chybu:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:48:25, on 30.6.2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)


Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
C:\Documents and Settings\All Users\Data aplikací\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugincontainer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\uobdserv.exe
C:\Program Files\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb\updater.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HPQ\IAM\bin\asghost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Auto-diagnostika\ADnews.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Hack\Plocha\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchinterneat-a.akamaihd.net/h ... czU1RNI1E=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchinterneat-a.akamaihd.net/h ... czU1RNI1E=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Ask Shopping Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ\Passport.dll" (file missing)
O2 - BHO: Dragon Branch - {d640ce67-58e4-43c2-9adc-6bb959d7c606} - C:\Program Files\Dragon Branch\Extensions\d640ce67-58e4-43c2-9adc-6bb959d7c606.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll
O3 - Toolbar: Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ\Passport.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.8.0_31\bin\jusched.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RT-Updater-SVO.lnk = C:\Auto-diagnostika\VCDS.exe
O4 - Startup: RT-Updater.lnk = C:\Auto-diagnostika\vagcom.exe
O4 - Global Startup: ADnews.lnk = C:\Auto-diagnostika\ADnews.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 9857473312
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: IE Search Set (SearchProtectionService) - Unknown owner - C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
O23 - Service: Service Mgr DragonBranch - Unknown owner - C:\Documents and Settings\All Users\Data aplikací\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugincontainer.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SECONS uOBD Service (uobdserv) - Unknown owner - C:\WINDOWS\system32\uobdserv.exe
O23 - Service: Update Mgr DragonBranch - Unknown owner - C:\Program Files\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb\updater.exe

--
End of file - 10352 bytes

Zde je log z ADW Cleaner:

# AdwCleaner v5.201 - Log vytvořen 01/07/2016 v 10:42:32
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-06-30.2 [Místní]
# Operační system : Microsoft Windows XP Service Pack 3 (X86)
# Uživatelské jméno : Hack - HACK-NOTEBOOK
# Spuštěno z : C:\Documents and Settings\Hack\Plocha\AdwCleaner(1).exe
# Nastavení : Sken
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****

Služba Nalezeno : APNMCP
Služba Nalezeno : SearchProtectionService
Služba Nalezeno : Service Mgr DragonBranch
Služba Nalezeno : Update Mgr DragonBranch

***** [ Složky ] *****

Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\apn
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\Ask
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\b56dff5a-df23-4e43-acde-a4f08b8dcffb
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\lavasoft\web companion
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\b56dff5a-df23-4e43-acde-a4f08b8dcffb
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\b56dff5a-df23-4e43-acde-a4f08b8dcffb
Složka Nalezeno : C:\Program Files\AskPartnerNetwork
Složka Nalezeno : C:\Program Files\Dragon Branch
Složka Nalezeno : C:\Program Files\lavasoft\web companion
Složka Nalezeno : C:\Program Files\Dragon Branch
Složka Nalezeno : C:\Program Files\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb
Složka Nalezeno : C:\Program Files\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb
Složka Nalezeno : C:\Program Files\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb
Složka Nalezeno : C:\DOCUME~1\Hack\LOCALS~1\Temp\apn

***** [ Soubory ] *****

Soubor Nalezeno : C:\WINDOWS\system32\lavasofttcpservice.dll

***** [ DLL ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****

Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Klíč Nalezeno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Klíč Nalezeno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.Protector
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\{61322f36-d035-4cad-9bd8-0b3bcfe6d6da}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\{cec8abab-6ff4-4d85-a2ec-455219170b33}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{D640CE67-58E4-43C2-9ADC-6BB959D7C606}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{d640ce67-58e4-43c2-9adc-6bb959d7c606}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6575033D-9E87-4BD2-B7E9-75487367CBC4}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{78F6156C-0E9D-4756-8AB7-4B7C3DC05E75}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D640CE67-58E4-43C2-9ADC-6BB959D7C606}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d640ce67-58e4-43c2-9adc-6bb959d7c606}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D640CE67-58E4-43C2-9ADC-6BB959D7C606}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d640ce67-58e4-43c2-9adc-6bb959d7c606}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D640CE67-58E4-43C2-9ADC-6BB959D7C606}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d640ce67-58e4-43c2-9adc-6bb959d7c606}
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Klíč Nalezeno : HKCU\Software\AskPartnerNetwork
Klíč Nalezeno : HKCU\Software\VIS
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Extensions
Klíč Nalezeno : HKLM\SOFTWARE\AskPartnerNetwork
Klíč Nalezeno : HKLM\SOFTWARE\DragonBranch
Klíč Nalezeno : HKLM\SOFTWARE\Uniblue
Klíč Nalezeno : HKLM\SOFTWARE\Lavasoft\Web Companion
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dragon Branch
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dragon Branch
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dragon Branch
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíč Nalezeno : HKU\.DEFAULT\Software\AskPartnerNetwork
Klíč Nalezeno : HKU\S-1-5-21-1085031214-1450960922-839522115-1004\Software\AskPartnerNetwork
Klíč Nalezeno : HKU\S-1-5-21-1085031214-1450960922-839522115-1004\Software\VIS
Klíč Nalezeno : HKU\S-1-5-18\Software\AskPartnerNetwork
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Data Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://searchinterneat-a.akamaihd.net/h ... czU1RNI1E=
Data Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://searchinterneat-a.akamaihd.net/h ... czU1RNI1E=
Data Nalezeno : HKU\S-1-5-21-1085031214-1450960922-839522115-1004\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://searchinterneat-a.akamaihd.net/h ... czU1RNI1E=
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{75BA9355-486C-4FDA-8AB6-2FAB45A4B444}
Data Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {75BA9355-486C-4FDA-8AB6-2FAB45A4B444}
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75BA9355-486C-4FDA-8AB6-2FAB45A4B444}
Data Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {75BA9355-486C-4FDA-8AB6-2FAB45A4B444}
Hodnota Nalezeno : HKU\S-1-5-21-1085031214-1450960922-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
Klíč Nalezeno : HKU\S-1-5-21-1085031214-1450960922-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{75BA9355-486C-4FDA-8AB6-2FAB45A4B444}
Data Nalezeno : HKU\S-1-5-21-1085031214-1450960922-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {75BA9355-486C-4FDA-8AB6-2FAB45A4B444}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\akamaihd.net
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\tlscdn.com
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTBMon]

***** [ Prohlížeče ] *****


*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [13884 bytů] - [01/07/2016 10:42:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [13958 bytů] ##########

Problem je z instalaci Malwarebytes . Při instalaci vyskakuji interni chyby a nemohu tento program nainstalovat.

Jelikož chyběla hlavička HJT logu, nevěděli jsme, že máš Windows XP. Na nich MBAM blbne, takže vynech tento krok.

- Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
- Klikni na „ Smazat“
- Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

====================================================

Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

====================================================

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- Počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Tady je ADW :
# AdwCleaner v5.201 - Log vytvořen 02/07/2016 v 09:11:13
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-07-01.1 [Server]
# Operační system : Microsoft Windows XP Service Pack 3 (X86)
# Uživatelské jméno : Hack - HACK-NOTEBOOK
# Spuštěno z : C:\Documents and Settings\Hack\Plocha\AdwCleaner(1).exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****

[-] Služba Smazáno : APNMCP
[-] Služba Smazáno : SearchProtectionService
[-] Služba Smazáno : Service Mgr DragonBranch
[-] Služba Smazáno : Update Mgr DragonBranch

***** [ Složky ] *****

[-] Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\apn
[-] Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\Ask
[-] Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
[-] Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\b56dff5a-df23-4e43-acde-a4f08b8dcffb
[-] Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\lavasoft\web companion
[#] Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\b56dff5a-df23-4e43-acde-a4f08b8dcffb
[#] Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\b56dff5a-df23-4e43-acde-a4f08b8dcffb
[+] Složka Smazáno : C:\Program Files\AskPartnerNetwork
[-] Složka Smazáno : C:\Program Files\Dragon Branch
[-] Složka Smazáno : C:\Program Files\lavasoft\web companion
[#] Složka Smazáno : C:\Program Files\Dragon Branch
[-] Složka Smazáno : C:\Program Files\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb
[#] Složka Smazáno : C:\Program Files\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb
[#] Složka Smazáno : C:\Program Files\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb
[-] Složka Smazáno : C:\DOCUME~1\Hack\LOCALS~1\Temp\apn

***** [ Soubory ] *****

[-] Soubor Smazáno : C:\WINDOWS\system32\lavasofttcpservice.dll

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****

[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{61322f36-d035-4cad-9bd8-0b3bcfe6d6da}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{cec8abab-6ff4-4d85-a2ec-455219170b33}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{D640CE67-58E4-43C2-9ADC-6BB959D7C606}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{6575033D-9E87-4BD2-B7E9-75487367CBC4}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{78F6156C-0E9D-4756-8AB7-4B7C3DC05E75}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D640CE67-58E4-43C2-9ADC-6BB959D7C606}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D640CE67-58E4-43C2-9ADC-6BB959D7C606}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D640CE67-58E4-43C2-9ADC-6BB959D7C606}
[-] Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Klíč Smazáno : HKCU\Software\AskPartnerNetwork
[-] Klíč Smazáno : HKCU\Software\VIS
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Extensions
[-] Klíč Smazáno : HKLM\SOFTWARE\AskPartnerNetwork
[-] Klíč Smazáno : HKLM\SOFTWARE\DragonBranch
[-] Klíč Smazáno : HKLM\SOFTWARE\Uniblue
[-] Klíč Smazáno : HKLM\SOFTWARE\Lavasoft\Web Companion
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dragon Branch
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
[-] Klíč Smazáno : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Obnoveno : HKU\S-1-5-21-1085031214-1450960922-839522115-1004\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{75BA9355-486C-4FDA-8AB6-2FAB45A4B444}
[-] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75BA9355-486C-4FDA-8AB6-2FAB45A4B444}
[-] Data Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[#] Hodnota Smazáno : HKU\S-1-5-21-1085031214-1450960922-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Data Obnoveno : HKU\S-1-5-21-1085031214-1450960922-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\akamaihd.net
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\tlscdn.com
[-] Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTBMon]

***** [ Prohlížeče ] *****


*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [12849 bytů] - [02/07/2016 09:11:14]
C:\AdwCleaner\AdwCleaner[S1].txt - [14038 bytů] - [01/07/2016 10:42:32]
C:\AdwCleaner\AdwCleaner[S2].txt - [14110 bytů] - [02/07/2016 09:07:06]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [13071 bytů] ##########

Potom JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Microsoft Windows XP x86
Ran by Hack (Administrator) on so 02.07.2016 at 9:34:56,23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 10

Successfully deleted: C:\Documents and Settings\Hack\Data aplikacˇ\lavasoft\web companion (Folder)
Successfully deleted: C:\Documents and Settings\Hack\Data aplikacˇ\opencandy (Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\326W98M3 (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\AVA9EVUA (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\DUJ0R4Z6 (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\RI5CDSIB (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\326W98M3 (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\AVA9EVUA (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\DUJ0R4Z6 (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\RI5CDSIB (Temporary Internet Files Folder)



Registry: 1

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 02.07.2016 at 9:40:07,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

A nakonec rouge :

RogueKiller V12.3.6.0 [Jun 27 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno : Normální režim
Uživatel : Hack [Práva správce]
Started from : C:\Documents and Settings\Hack\Plocha\RogueKiller.exe
Mód : Prohledat -- Datum : 07/02/2016 10:23:29

¤¤¤ Procesy : 1 ¤¤¤
[Proc.Injected] SynTPEnh.exe(2124) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[x] -> Nalezeno

¤¤¤ Registry : 12 ¤¤¤
[PUP] HKEY_LOCAL_MACHINE\Software\Driver-Soft -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\APNMCP ("C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe") -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Service Mgr DragonBranch ("C:\Documents and Settings\All Users\Data aplikací\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugincontainer.exe") -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BAECEB08-6FE4-4390-8957-59E7D543DF5B} | DhcpNameServer : 10.0.0.1 ([]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{BAECEB08-6FE4-4390-8957-59E7D543DF5B} | DhcpNameServer : 10.0.0.1 ([]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Tcpip\Parameters\Interfaces\{BAECEB08-6FE4-4390-8957-59E7D543DF5B} | DhcpNameServer : 10.0.0.1 ([]) -> Nalezeno
[PUM.SecurityCenter] HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center | AntiVirusDisableNotify : 1 -> Nalezeno
[PUM.SecurityCenter] HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center | FirewallDisableNotify : 1 -> Nalezeno
[PUM.SecurityCenter] HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center | UpdatesDisableNotify : 1 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 1 (Driver: Nahrán) ¤¤¤
[IRP:Inl(Hook.IRP)] \Driver\atapi - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0xffffffff83560100 (jmp 0xffffffe2|jmp 0xfffffff0|jmp 0xfffffff0|jmp 0xfffffff0|jmp 0xfffffff0)

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST960812A +++++
--- User ---
[MBR] 2cd6921e0bf3139809cf17be485ef310
[BSP] b4549eaabeb9cf9718a3b8fa324aa54f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 57224 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Corsair Voyager USB Device +++++
--- User ---
[MBR] 84aa98f06e028de06fc6710c3451ffdb
[BSP] a83a24340e59ea8cbbf2d8eaa19e98b0 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 2048 | Size: 7701 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

Ještě jsem zjistil,že jak dam do noteboku flaschku,tak se mi hned na ni infikujou exe soubory treba JRT virem W32.sality!dr.

Jde ho take nejak odstranit?

Stáhni si UsbFix na plochu.
Zavři všechny ostatní okna a prohlížeče.
Připoj do počítače všechny externí USB zařízení (externí disky, flash disky ..) které používáš.
Klikni pravým na stáhnutý UsbFix a spusť ho jako správce.
Klikni na Clean a počkej, dokud sken neskončí.
Následně by se ti na ploše měl vytvořit log a pokud tam nebude, tak bude ve složce C:\UsbFix\Log\, ten sem vlož.
Otevři znovu UsbFix a klikni na Uninstall.

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)
- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni antivir
Stáhni
Zoek.exe

a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:


klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.