Please check my log

A place for your HijackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Kozlna
newcomer
Posts: 13
Registered: October 14
Gender: Male

Please check my log

Post by Kozlna » 14 Oct 2014 23:40

Please check my log
Reason: after the computer is switched on, for roughly 2.5 minutes the Network and Sharing Center shows an exclamation mark between the computer and the network and a cross between the network and the internet. Internet Explorer 11 only offers the offline option. The weather gadget, which depends on the connection, nevertheless starts immediately, Chrome loads pages and ESET NOD32 also updates without problems during this time. After roughly 2.5 minutes the Network and Sharing Center reports that it is connected to the internet and Internet Explorer works normally. Thanks in advance

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:53:14, on 14.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\TIMvelký\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: (no name) - {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8800 bytes

Thanks

jaro3
Security team member
Guru Level 15
Posts: 43293
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Please check my log

Post by jaro3 » 15 Oct 2014 10:12

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove temporary Windows files, empty the Recycle Bin, etc.

- If you use only Google Chrome, you do not need to use ATF.


Download TFC
Open the file and close all other windows, then click Start to begin the process. It should not take long.
The PC should then restart; if it does not, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Scan"
After the scan a log appears (otherwise it is saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Download Malwarebytes' Anti-Malware
- During installation, untick "Enable free trial of Malwarebytes' Anti-Malware Premium"
Install and run it
- at the end of the installation, make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program then starts; click Scan Now and
- when the program finishes, a message appears at the bottom right; click Copy to clipboard and paste the entire log here.

- then click the Exit button; a message appears, choose Yes
(do not delete anything yet!).

If there are problems, run it in Safe Mode.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs by private message. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Kozlna
newcomer
Posts: 13
Registered: October 14
Gender: Male

Re: Please check my log

Post by Kozlna » 15 Oct 2014 18:26

Many thanks for trying to solve this mystery of mine.

# AdwCleaner v4.000 - Report created 15/10/2014 at 17:56:41
# Updated 12/10/2014 by Xplode
# Database : 2014-10-15.7
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : TIMvelký - TIMVELKY-PC
# Running from : C:\Users\TIMvelký\Desktop\adwcleaner_4.000.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\ProgramData\SoftSafe

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\usyndication.com
Key Found : HKCU\Software\VIS
Key Found : [x64] HKCU\Software\usyndication.com
Key Found : [x64] HKCU\Software\VIS
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v


-\\ Google Chrome v37.0.2062.124


*************************

AdwCleaner[R0].txt - [1105 octets] - [15/10/2014 17:52:39]
AdwCleaner[R1].txt - [1018 octets] - [15/10/2014 17:56:41]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1078 octets] ##########


Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 15.10.2014
Scan Time: 18:09:33
Logfile: Malwa.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.10.15.06
Rootkit Database: v2014.10.15.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: TIMvelkA1

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 346684
Time Elapsed: 6 min, 34 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 7
PUP.Optional.AppsHat.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Apps Hat, , [ec16f32286f643f3fab7182e56ad8d73],
PUP.Optional.TidyNetwork.A, HKU\S-1-5-21-2588056556-1671135975-2711471001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLAPLUGINS\@tnt2ghost.com/Plugin, , [4db58d88d3a9270f835cb79749baef11],
PUP.Optional.TidyNetwork.A, HKU\S-1-5-21-2588056556-1671135975-2711471001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLAPLUGINS\@tnt2npapi.com/Plugin, , [19e9da3b314b62d466f8094531d23ec2],
PUP.Optional.TidyNetwork.A, HKU\S-1-5-21-2588056556-1671135975-2711471001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{41F5CDAF-7767-49E4-9DFD-4F20F9DCD536}, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, HKU\S-1-5-21-2588056556-1671135975-2711471001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{EE2815A8-9EBC-47B8-A455-7B4CF24EFF85}, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, HKLM\SOFTWARE\CLASSES\CLSID\{0FEB2313-F89B-4AC6-8153-84025604A06A}, , [25dd28ed5428df57e2298c6062a054ac],
PUP.Optional.TidyNetwork.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0FEB2313-F89B-4AC6-8153-84025604A06A}, , [25dd28ed5428df57e2298c6062a054ac],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 11
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Common, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10511, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10513, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2, , [25dd28ed5428df57e2298c6062a054ac],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1760, , [25dd28ed5428df57e2298c6062a054ac],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles, , [25dd28ed5428df57e2298c6062a054ac],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10511, , [25dd28ed5428df57e2298c6062a054ac],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10513, , [25dd28ed5428df57e2298c6062a054ac],

Files: 69
PUP.PSWTool.ProductKey, C:\Users\TIMvelkA1\Downloads\produkey-x64.zip, , [b151e3322b5172c4880313561ce428d8],
PUP.Optional.OpenCandy, C:\Users\TIMvelkA1\Downloads\adobe-reader-11.0.06.exe, , [09f95db824588ea8cb84eb5b9c69ad53],
PUP.PSW.Passview, C:\Users\TIMvelkA1\Downloads\iepv_setup.exe, , [7f838590c8b477bf14bcb37b22e39769],
PUP.Riskware.Patcher, C:\Users\TIMvelkA1\Downloads\vso-convertXtoDVD-5.rar, , [8f7349cc6d0fa98d703e32e3cd34d030],
PUP.Optional.Somoto, C:\Users\TIMvelkA1\Downloads\Tarzan-pc-game-installer.rar, , [4bb780950b7160d613744ff64bba6a96],
Adware.InstallBrain, C:\Users\TIMvelkA1\Downloads\FreeCodecPackSetup.exe, , [13efce475b210b2b4de028f4ee13b54b],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\passport.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\TNT2UserPS.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\crx.tar, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\GameApps.ini, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\GameConsole.exe, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\GameEngine.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\GLOBALUNINSTALL.TNT, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\hmac.1.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\iestage2.1.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\IEToolbar.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\IEToolbar64.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\INSTALL.TNT, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\LastSession.log, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\log.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\MinecraftShims64.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\npTNT2.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\npTNT2Ghost.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\PARTNER.TNT, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\passport64.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\pinnedSearch.htm, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\pinnedSearch_FindWide.htm, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\ppshim.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\ppTNT2.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\progress.1.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\regsvr.1.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\RemoteSkin.wms, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\sqlite.1.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\tnt2chrome.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\TNT2User.exe, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\TNT2UserPS64.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\TntMagicDel.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\UnInjLib.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\UnInjLib64.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\UNINSTALL.TNT, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\UninstallDlg.1.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\untar.1.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\UPDATE.TNT, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\xpi.tar, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\zipunzip.1.dll, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Common\GameConsole.exe, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Common\pinnedSearch.htm, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10511\inst.ini, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10511\os10511.xml, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10511\PARTNER.1.TNT, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10511\partner.dat, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10511\runt.ini, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10511\yah10511.xml, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10513\inst.ini, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10513\os10513.xml, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10513\PARTNER.1.TNT, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10513\partner.dat, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10513\runt.ini, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10513\yah10513.xml, , [a55d67ae522a86b088826d7f0ff30ff1],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\TNT2UserPS.dll, , [25dd28ed5428df57e2298c6062a054ac],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\TNT2UserPS64.dll, , [25dd28ed5428df57e2298c6062a054ac],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1760\IEToolbar.dll, , [25dd28ed5428df57e2298c6062a054ac],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1760\IEToolbar64.dll, , [25dd28ed5428df57e2298c6062a054ac],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1760\ppshim.dll, , [25dd28ed5428df57e2298c6062a054ac],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1760\ppTNT2.dll, , [25dd28ed5428df57e2298c6062a054ac],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10511\passport.dll, , [25dd28ed5428df57e2298c6062a054ac],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10511\passport64.dll, , [25dd28ed5428df57e2298c6062a054ac],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10513\passport.dll, , [25dd28ed5428df57e2298c6062a054ac],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10513\passport64.dll, , [25dd28ed5428df57e2298c6062a054ac],

Physical Sectors: 0
(No malicious items detected)


(end)
Safe Mode was not needed.

jaro3
Security team member
Guru Level 15
Posts: 43293
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Please check my log

Post by jaro3 » 15 Oct 2014 18:54

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"), click "Scan", and after the scan click "Clean"

The program performs the repair; after the automatic restart a log (C:\AdwCleaner[S?].txt) is shown; paste its entire contents here.

Download Junkware Removal Tool by Thisisu to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program starts scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved on the desktop.
Please copy its entire contents here.

. run MbAM again and click Scan Now
- when the program finishes, a message appears; click "Quarantine all (delete selected)" and then "Export log", choose "text file", give the file a name and save it somewhere. Copy the entire contents of that log here.

Download RogueKiller by Adlice Software
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7 run RogueKiller.exe as administrator, on XP by double-clicking it.
- Wait until the Prescan (search for malicious processes) finishes.
- Check that the following are ticked:
MBR check
Faked check
Antirootkit

- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs by private message. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Kozlna
newcomer
Posts: 13
Registered: October 14
Gender: Male

Re: Please check my log

Post by Kozlna » 16 Oct 2014 22:27

Good evening/good day, I have just got home from work, so here are the logs. After completing the task I did a test restart; no change so far.
# AdwCleaner v4.000 - Report created 16/10/2014 at 20:38:50
# DB v2014-10-15.7
# Updated 12/10/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : TIMvelký - TIMVELKY-PC
# Running from : C:\Users\TIMvelký\Desktop\adwcleaner_4.000.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\SoftSafe

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKCU\Software\usyndication.com
Key Deleted : HKCU\Software\VIS

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v


-\\ Google Chrome v37.0.2062.124


*************************

AdwCleaner[R0].txt - [1105 octets] - [15/10/2014 17:52:39]
AdwCleaner[R1].txt - [1166 octets] - [15/10/2014 17:56:41]
AdwCleaner[R2].txt - [1226 octets] - [16/10/2014 20:36:44]
AdwCleaner[S0].txt - [1063 octets] - [16/10/2014 20:38:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1123 octets] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.14.2014:1)
OS: Windows 7 Ultimate x64
Ran by TIMvelkě on źt 16.10.2014 at 21:18:27,63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4430ADF5-70E7-4B54-883E-302A2A403480}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 16.10.2014 at 21:20:59,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 16.10.2014
Čas skenování: 21:34:51
Protokol: mb.txt
Správce: Ano

Verze: 2.00.3.1025
Databáze malwaru: v2014.10.15.06
Databáze rootkitů: v2014.10.15.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: TIMvelkA1

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 346825
Uplynulý čas: 7 min, 37 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 7
PUP.Optional.AppsHat.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Apps Hat, Do karantény, [6b979481b3c96accdcd5d76f05fe817f],
PUP.Optional.TidyNetwork.A, HKU\S-1-5-21-2588056556-1671135975-2711471001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLAPLUGINS\@tnt2ghost.com/Plugin, Do karantény, [4fb3a57086f659dd15caeb6312f11de3],
PUP.Optional.TidyNetwork.A, HKU\S-1-5-21-2588056556-1671135975-2711471001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLAPLUGINS\@tnt2npapi.com/Plugin, Do karantény, [10f239dc3d3fdc5a8ad4bc92b94a25db],
PUP.Optional.TidyNetwork.A, HKU\S-1-5-21-2588056556-1671135975-2711471001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{41F5CDAF-7767-49E4-9DFD-4F20F9DCD536}, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, HKU\S-1-5-21-2588056556-1671135975-2711471001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{EE2815A8-9EBC-47B8-A455-7B4CF24EFF85}, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, HKLM\SOFTWARE\CLASSES\CLSID\{0FEB2313-F89B-4AC6-8153-84025604A06A}, Do karantény, [20e2d83d700c0630d338f0fc7e84b44c],
PUP.Optional.TidyNetwork.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0FEB2313-F89B-4AC6-8153-84025604A06A}, Do karantény, [20e2d83d700c0630d338f0fc7e84b44c],

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 11
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Common, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10511, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10513, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2, Do karantény, [20e2d83d700c0630d338f0fc7e84b44c],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1760, Do karantény, [20e2d83d700c0630d338f0fc7e84b44c],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles, Do karantény, [20e2d83d700c0630d338f0fc7e84b44c],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10511, Do karantény, [20e2d83d700c0630d338f0fc7e84b44c],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10513, Do karantény, [20e2d83d700c0630d338f0fc7e84b44c],

Soubory: 69
PUP.PSWTool.ProductKey, C:\Users\TIMvelkA1\Downloads\produkey-x64.zip, Do karantény, [7a881203c6b683b3ccbf10598c7437c9],
PUP.Optional.OpenCandy, C:\Users\TIMvelkA1\Downloads\adobe-reader-11.0.06.exe, Do karantény, [808242d30c7045f163ec74d21bea45bb],
PUP.PSW.Passview, C:\Users\TIMvelkA1\Downloads\iepv_setup.exe, Do karantény, [837fb46184f8f640f0e0a18d788d4db3],
PUP.Riskware.Patcher, C:\Users\TIMvelkA1\Downloads\vso-convertXtoDVD-5.rar, Do karantény, [867ce53095e7c274921c769f956c47b9],
PUP.Optional.Somoto, C:\Users\TIMvelkA1\Downloads\Tarzan-pc-game-installer.rar, Do karantény, [c43e74a1403ce551b1d62d18a16412ee],
Adware.InstallBrain, C:\Users\TIMvelkA1\Downloads\FreeCodecPackSetup.exe, Do karantény, [25dd0a0bc3b91521c766051711f0ef11],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\passport.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\TNT2UserPS.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\crx.tar, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\GameApps.ini, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\GameConsole.exe, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\GameEngine.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\GLOBALUNINSTALL.TNT, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\hmac.1.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\iestage2.1.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\IEToolbar.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\IEToolbar64.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\INSTALL.TNT, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\LastSession.log, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\log.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\MinecraftShims64.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\npTNT2.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\npTNT2Ghost.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\PARTNER.TNT, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\passport64.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\pinnedSearch.htm, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\pinnedSearch_FindWide.htm, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\ppshim.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\ppTNT2.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\progress.1.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\regsvr.1.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\RemoteSkin.wms, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\sqlite.1.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\tnt2chrome.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\TNT2User.exe, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\TNT2UserPS64.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\TntMagicDel.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\UnInjLib.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\UnInjLib64.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\UNINSTALL.TNT, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\UninstallDlg.1.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\untar.1.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\UPDATE.TNT, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\xpi.tar, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\2.0.0.1760\zipunzip.1.dll, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Common\GameConsole.exe, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Common\pinnedSearch.htm, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10511\inst.ini, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10511\os10511.xml, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10511\PARTNER.1.TNT, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10511\partner.dat, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10511\runt.ini, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10511\yah10511.xml, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10513\inst.ini, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10513\os10513.xml, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10513\PARTNER.1.TNT, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10513\partner.dat, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10513\runt.ini, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Users\TIMvelkA1\AppData\Local\TNT2\Profiles\10513\yah10513.xml, Do karantény, [e2200c09aad278befb0f02eabf43b947],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\TNT2UserPS.dll, Do karantény, [20e2d83d700c0630d338f0fc7e84b44c],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\TNT2UserPS64.dll, Do karantény, [20e2d83d700c0630d338f0fc7e84b44c],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1760\IEToolbar.dll, Do karantény, [20e2d83d700c0630d338f0fc7e84b44c],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1760\IEToolbar64.dll, Do karantény, [20e2d83d700c0630d338f0fc7e84b44c],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1760\ppshim.dll, Do karantény, [20e2d83d700c0630d338f0fc7e84b44c],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1760\ppTNT2.dll, Do karantény, [20e2d83d700c0630d338f0fc7e84b44c],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10511\passport.dll, Do karantény, [20e2d83d700c0630d338f0fc7e84b44c],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10511\passport64.dll, Do karantény, [20e2d83d700c0630d338f0fc7e84b44c],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10513\passport.dll, Do karantény, [20e2d83d700c0630d338f0fc7e84b44c],
PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10513\passport64.dll, Do karantény, [20e2d83d700c0630d338f0fc7e84b44c],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

RogueKiller V10.0.2.0 (x64) [Oct 16 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : TIMvelký [Práva správce]
Mód : Prohledat -- Datum : 10/16/2014 22:08:18

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 17 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2588056556-1671135975-2711471001-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.centrum.cz/ -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2588056556-1671135975-2711471001-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.centrum.cz/ -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nalezeno
[PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2588056556-1671135975-2711471001-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2588056556-1671135975-2711471001-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-2588056556-1671135975-2711471001-1000\Control Panel\Desktop | SCRNSAVE.EXE : C:\Windows\css.scr -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 34 (Driver: Nahrán) ¤¤¤
[IAT:Addr] (explorer.exe @ POWRPROF.dll) SETUPAPI.dll - CM_Get_DevNode_Status : C:\Windows\system32\CFGMGR32.dll @ 0x7fefd5a30c0
[IAT:Addr] (explorer.exe @ POWRPROF.dll) SETUPAPI.dll - CM_Get_Device_IDW : C:\Windows\system32\CFGMGR32.dll @ 0x7fefd5a4034
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CLSIDFromString : C:\Windows\system32\ole32.dll @ 0x7fefdc90680
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - StringFromCLSID : C:\Windows\system32\ole32.dll @ 0x7fefdc89370
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoGetClassObject : C:\Windows\system32\ole32.dll @ 0x7fefdcb2e18
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoCreateInstance : C:\Windows\system32\ole32.dll @ 0x7fefdca7490
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoInitializeEx : C:\Windows\system32\ole32.dll @ 0x7fefdca2a30
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoUnmarshalInterface : C:\Windows\system32\ole32.dll @ 0x7fefdcaea20
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoSetProxyBlanket : C:\Windows\system32\ole32.dll @ 0x7fefdcbbf00
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoGetTreatAsClass : C:\Windows\system32\ole32.dll @ 0x7fefdc93e90
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoFreeUnusedLibraries : C:\Windows\system32\ole32.dll @ 0x7fefdc88284
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoCreateGuid : C:\Windows\system32\ole32.dll @ 0x7fefdc8d9d0
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoGetMarshalSizeMax : C:\Windows\system32\ole32.dll @ 0x7fefdcaef20
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoMarshalInterface : C:\Windows\system32\ole32.dll @ 0x7fefdcaf1ac
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - StringFromGUID2 : C:\Windows\system32\ole32.dll @ 0x7fefdca3560
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CLSIDFromProgID : C:\Windows\system32\ole32.dll @ 0x7fefdc99980
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - FreePropVariantArray : C:\Windows\system32\ole32.dll @ 0x7fefdda9440
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoTaskMemAlloc : C:\Windows\system32\ole32.dll @ 0x7fefdca8e70
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoTaskMemFree : C:\Windows\system32\ole32.dll @ 0x7fefdca8e20
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-ole32-l1-1-0.dll - CoUninitialize : C:\Windows\system32\ole32.dll @ 0x7fefdca1314
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoExW : C:\Windows\system32\version.DLL @ 0x7fefc2d193c
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueW : C:\Windows\system32\version.DLL @ 0x7fefc2d15e0
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoSizeExW : C:\Windows\system32\version.DLL @ 0x7fefc2d14e8
[IAT:Addr] (explorer.exe @ iertutil.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueW : C:\Windows\system32\version.DLL @ 0x7fefc2d15e0
[IAT:Addr] (explorer.exe @ iertutil.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoExW : C:\Windows\system32\version.DLL @ 0x7fefc2d193c
[IAT:Addr] (explorer.exe @ iertutil.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoSizeExW : C:\Windows\system32\version.DLL @ 0x7fefc2d14e8
[IAT:Addr] (explorer.exe @ WININET.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueW : C:\Windows\system32\version.DLL @ 0x7fefc2d15e0
[IAT:Addr] (explorer.exe @ WININET.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoSizeExW : C:\Windows\system32\version.DLL @ 0x7fefc2d14e8
[IAT:Addr] (explorer.exe @ WININET.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoExW : C:\Windows\system32\version.DLL @ 0x7fefc2d193c
[IAT:Addr] (explorer.exe @ WININET.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueA : C:\Windows\system32\version.DLL @ 0x7fefc2d1b94
[IAT:Addr] (explorer.exe @ ieframe.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoSizeExW : C:\Windows\system32\version.DLL @ 0x7fefc2d14e8
[IAT:Addr] (explorer.exe @ ieframe.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoExW : C:\Windows\system32\version.DLL @ 0x7fefc2d193c
[IAT:Addr] (explorer.exe @ ieframe.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueW : C:\Windows\system32\version.DLL @ 0x7fefc2d15e0
[IAT:Addr] (explorer.exe @ acppage.dll) sfc.dll - SfcIsFileProtected : C:\Windows\system32\sfc_os.DLL @ 0x7fef8bc16f0

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] nahd6ha2.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/?clid=6826"); -> Nalezeno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-00ZF5A0 ATA Device +++++
--- User ---
[MBR] 4b1231dd58011c7f51498685972ec29d
[BSP] 928b29019379c36cf3066ce2090ffbb6 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 204800 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 419637248 | Size: 199999 MB
3 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 829237248 | Size: 548967 MB
User = LL1 ... OK
User = LL2 ... OK


Thanks for your time and help.

jaro3
Security team member
Guru Level 15
Posts: 43293
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log

Post by jaro3 » 17 Oct 2014 10:26

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) and any external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP double-click it to run).
- Wait until the Prescan finishes...
- Then click "Scan", and when it finishes:

- In the tabs (Registry, Tasks, Web Browser, etc.) tick everything (put a check mark on every item)

- Click "Delete"
- Wait until the Status box shows "Deletion complete"
- Click "Report" and copy and paste the contents of that report here, please. The log can also be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Download
Zoek.exe

and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, 7 or 8 right-click it and choose "Run as administrator").
- Note: the program may take a while to start.

Paste the script below into the program window:

Code:

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


Click Run Script.
The program will perform a scan and a repair; both can take several minutes, so wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.

After the restart only a black desktop may be shown for a while; this is normal. Wait until the log is created. You can save it to your documents, for example; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the whole contents of that log here.
When working with HJT, ComboFix, MBAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. During my absence I am covered by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support

Kozlna
newcomer
Posts: 13
Registered: October 14
Gender: Male
Status: Offline

Re: Please check my log

Post by Kozlna » 17 Oct 2014 15:35

Hello, no change so far.
RogueKiller V10.0.2.0 (x64) [Oct 16 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : TIMvelký [Práva správce]
Mód : Smazat -- Datum : 10/17/2014 15:04:34

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 17 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2588056556-1671135975-2711471001-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.centrum.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2588056556-1671135975-2711471001-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.centrum.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2588056556-1671135975-2711471001-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2588056556-1671135975-2711471001-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-2588056556-1671135975-2711471001-1000\Control Panel\Desktop | SCRNSAVE.EXE : C:\Windows\css.scr [x] -> Nahrazeno (C:\Windows\system32\logon.scr)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> Smazáno

¤¤¤ Antirootkit : 16 (Driver: Nahrán) ¤¤¤
[IAT:Addr] (explorer.exe @ POWRPROF.dll) SETUPAPI.dll - CM_Get_DevNode_Status : C:\Windows\system32\CFGMGR32.dll @ 0x7fefd9730c0
[IAT:Addr] (explorer.exe @ POWRPROF.dll) SETUPAPI.dll - CM_Get_Device_IDW : C:\Windows\system32\CFGMGR32.dll @ 0x7fefd974034
[IAT:Addr] (explorer.exe @ iertutil.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueW : C:\Windows\system32\version.DLL @ 0x7fefc6c15e0
[IAT:Addr] (explorer.exe @ iertutil.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoExW : C:\Windows\system32\version.DLL @ 0x7fefc6c193c
[IAT:Addr] (explorer.exe @ iertutil.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoSizeExW : C:\Windows\system32\version.DLL @ 0x7fefc6c14e8
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueW : C:\Windows\system32\version.DLL @ 0x7fefc6c15e0
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoExW : C:\Windows\system32\version.DLL @ 0x7fefc6c193c
[IAT:Addr] (explorer.exe @ urlmon.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoSizeExW : C:\Windows\system32\version.DLL @ 0x7fefc6c14e8
[IAT:Addr] (explorer.exe @ WININET.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueW : C:\Windows\system32\version.DLL @ 0x7fefc6c15e0
[IAT:Addr] (explorer.exe @ WININET.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoSizeExW : C:\Windows\system32\version.DLL @ 0x7fefc6c14e8
[IAT:Addr] (explorer.exe @ WININET.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoExW : C:\Windows\system32\version.DLL @ 0x7fefc6c193c
[IAT:Addr] (explorer.exe @ WININET.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueA : C:\Windows\system32\version.DLL @ 0x7fefc6c1b94
[IAT:Addr] (explorer.exe @ ieframe.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoSizeExW : C:\Windows\system32\version.DLL @ 0x7fefc6c14e8
[IAT:Addr] (explorer.exe @ ieframe.dll) api-ms-win-downlevel-version-l1-1-0.dll - GetFileVersionInfoExW : C:\Windows\system32\version.DLL @ 0x7fefc6c193c
[IAT:Addr] (explorer.exe @ ieframe.dll) api-ms-win-downlevel-version-l1-1-0.dll - VerQueryValueW : C:\Windows\system32\version.DLL @ 0x7fefc6c15e0
[IAT:Addr] (explorer.exe @ acppage.dll) sfc.dll - SfcIsFileProtected : C:\Windows\system32\sfc_os.DLL @ 0x7fef8ee16f0

¤¤¤ Webové prohlížeče : 2 ¤¤¤
[IE:Addon] System : Google Toolbar [{2318C2B1-4965-11d4-9B18-009027A5CD4F}] -> Smazáno
[PUM.HomePage][FIREFX:Config] nahd6ha2.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/?clid=6826"); -> Nahrazeno (about:home)

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-00ZF5A0 ATA Device +++++
--- User ---
[MBR] 4b1231dd58011c7f51498685972ec29d
[BSP] 928b29019379c36cf3066ce2090ffbb6 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 204800 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 419637248 | Size: 199999 MB
3 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 829237248 | Size: 548967 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_10162014_220818.log - RKreport_SCN_10172014_150136.log
Zoek.exe v5.0.0.0 Updated 16-10-2014
Tool run by TIMvelkě on p  17.10.2014 at 15:11:55,03.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TIMVEL~1\Desktop\zoek\zoek.com [Scan all users] [Script inserted]

==== System Restore Info ======================

17.10.2014 15:13:22 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2588056556-1671135975-2711471001-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D8D171EA-CAE3-4E61-8038-EE9C85B684B6} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2588056556-1671135975-2711471001-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{91397D20-1446-11D4-8AF4-0040CA1127B6} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\TIMVEL~1\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\prefs.js:
user_pref("browser.startup.homepage", "about:home"about:home);
user_pref("browser.search.defaultenginename", "Seznam");
user_pref("browser.search.selectedEngine", "Seznam");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", false);

Added to C:\Users\TIMVEL~1\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\TIMVEL~1\AppData\Roaming\TomTom\HOME\Profiles\a8vzseyu.default\prefs.js:

Added to C:\Users\TIMVEL~1\AppData\Roaming\TomTom\HOME\Profiles\a8vzseyu.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\TIMVEL~1\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\TIMVEL~1\AppData\Roaming\TomTom\HOME\Profiles\a8vzseyu.default
- Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

==== Firefox Plugins ======================


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aminlpmkfcdibgpgfajlgnamicjckkjf - No path found[]
jdkihdhlegcdggknokfekoemkjjnjhgi - No path found[]

Стартовая — Яндекс - TIMVEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdkihdhlegcdggknokfekoemkjjnjhgi

==== Chromium Startpages ======================

C:\Users\TIMVEL~1\AppData\Local\Chromium\User Data\Default\Preferences
{"default_search_provider_data":{"template_url_data":{"search_terms_replacement_key":"","search_url_post_params":"","suggestions_url_post_params":"","id":"5","short_name":"Seznam","keyword":"seznam.cz","favicon_url":"http://seznam.cz/favicon.ico","url":"http://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}","safe_for_autoreplace":true,"suggestions_url":"http://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}","prepopulate_id":0,"input_encodings":["UTF-8"]}},"homepage_is_newtabpage":false,"homepage":"http://www.seznam.cz/?clid=6826","session":{"startup_urls":["http://www.seznam.cz/?clid=6826"]},"browser":{"show_home_button":true}}


==== Chromium Fix ======================

C:\Users\TIMVEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdkihdhlegcdggknokfekoemkjjnjhgi deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\fi]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\ma]
@="http://www.mapy.cz/?sourceid=quicksearch_6826&query=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\se]
@="http://search.seznam.cz/?sourceid=quicksearch_6826&q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\vi]
@="http://videa.seznam.cz/?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\zb]
@="http://www.zbozi.cz/?sourceid=quicksearch_6826&q=%s"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{4430ADF5-70E7-4B54-883E-302A2A403480}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4430ADF5-70E7-4B54-883E-302A2A403480}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{79B125D9-479A-4084-898D-6BC8756C9EC4} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415"

==== Reset Google Chrome ======================

C:\Users\TIMVEL~1\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
C:\Users\TIMVEL~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\TIMVEL~1\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences was reset successfully
C:\Users\TIMVEL~1\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
C:\Users\TIMVEL~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\TIMVEL~1\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E185E96B-6329-9846-8DEA-010D2FC4E7C9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aminlpmkfcdibgpgfajlgnamicjckkjf deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jdkihdhlegcdggknokfekoemkjjnjhgi deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TIMVEL~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TIMVEL~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\TIMVEL~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\TIMVEL~1\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=207 folders=52 54136893 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\TIMVEL~1\AppData\Local\Temp will be emptied at reboot
C:\Users\TIMVEL~2\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\TIMVEL~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on p  17.10.2014 at 15:28:17,70 ======================

jaro3
Security team member
Guru Level 15
Posts: 43293
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Please check my log

Post by jaro3 » 17 Oct 2014 18:23

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all open windows and run it.
- After it starts, the terms of use are shown; confirm them by pressing Yes
- Then follow the prompts; while ComboFix is running, do not click inside its window
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please paste its entire contents here
If there are problems, run it in Safe Mode.

Warning: it can happen that after running ComboFix and restarting the computer, Windows does not boot, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press F8 during the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MBAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. During my absence I am covered by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support

Kozlna
newbie
Posts: 13
Registered: October 14
Gender: Male
Status:
Offline

Re: Please check my log

Post by Kozlna » 17 Oct 2014 21:00

ComboFix 14-10-15.01 - TIMvelký 17.10.2014 20:20:42.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4061.2693 [GMT 2:00]
Spuštěný z: c:\users\TIMvelký\Desktop\zoek\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-09-17 do 2014-10-17 )))))))))))))))))))))))))))))))
.
.
2014-10-17 18:25 . 2014-10-17 18:25 -------- d-----w- c:\users\TIMvelký\AppData\Local\temp
2014-10-17 18:25 . 2014-10-17 18:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-17 13:38 . 2014-10-17 18:23 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EE144695-1012-44FC-A6A7-87481C2C61C1}\offreg.dll
2014-10-17 13:37 . 2014-09-09 02:05 11578928 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EE144695-1012-44FC-A6A7-87481C2C61C1}\mpengine.dll
2014-10-17 13:24 . 2014-10-17 18:25 -------- d-----w- c:\users\TIMvelký\AppData\Local\Temp
2014-10-17 13:24 . 2014-02-13 21:59 24064 ----a-w- c:\windows\zoek-delete.exe
2014-10-17 13:11 . 2014-10-17 13:22 -------- d-----w- C:\zoek_backup
2014-10-16 20:03 . 2014-10-17 12:58 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-10-16 20:03 . 2014-10-16 20:03 -------- d-----w- c:\programdata\RogueKiller
2014-10-16 19:18 . 2014-10-16 19:18 -------- d-----w- c:\windows\ERUNT
2014-10-15 18:31 . 2014-10-15 18:31 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2014-10-15 16:07 . 2014-10-16 20:13 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-15 16:06 . 2014-10-15 16:06 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-10-15 16:06 . 2014-10-15 16:06 -------- d-----w- c:\programdata\Malwarebytes
2014-10-15 16:06 . 2014-10-01 09:11 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-15 16:06 . 2014-10-01 09:11 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-15 16:06 . 2014-10-01 09:11 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-10-15 15:52 . 2014-10-16 19:30 -------- d-----w- C:\AdwCleaner
2014-10-14 20:05 . 2014-06-18 22:23 73880 ----a-w- c:\windows\system32\mscories.dll
2014-10-11 16:14 . 2014-10-11 16:14 -------- d-----w- c:\program files (x86)\HYPERMAX
2014-10-11 08:28 . 2014-10-11 08:28 -------- d-----w- c:\program files\ESET
2014-10-04 17:23 . 2014-10-04 17:23 -------- d-----w- c:\users\TIMvelký\AppData\Roaming\Wargaming.net
2014-09-30 19:04 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-30 19:04 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-27 22:13 . 2014-09-27 22:13 -------- d-----w- c:\users\TIMvelký\.smtube
2014-09-27 22:03 . 2014-09-27 22:03 -------- d-----w- c:\users\TIMvelký\AppData\Local\fontconfig
2014-09-27 21:51 . 2014-09-27 21:57 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2014-09-27 21:49 . 2014-09-27 22:03 -------- d-----w- c:\users\TIMvelký\.smplayer
2014-09-27 21:47 . 2014-09-27 21:48 -------- d-----w- c:\program files (x86)\SMPlayer
2014-09-27 21:47 . 2014-09-27 21:57 -------- d-----w- c:\programdata\Norton
2014-09-27 21:47 . 2014-09-27 21:58 -------- d-----w- c:\users\TIMvelký\AppData\Local\Yandex
2014-09-27 21:47 . 2014-09-27 21:47 -------- d-----w- c:\users\TIMvelký\AppData\Local\Chromium
2014-09-27 21:47 . 2014-09-27 21:47 -------- d-----w- c:\users\TIMvelký\AppData\Roaming\Opera Software
2014-09-27 21:47 . 2014-09-27 21:58 -------- d-----w- c:\users\TIMvelký\AppData\Roaming\Yandex
2014-09-27 18:07 . 2014-09-27 18:07 -------- d-----w- c:\programdata\InstallShield
2014-09-27 18:07 . 2014-09-27 18:07 -------- d-----w- c:\program files (x86)\THQ
2014-09-24 18:26 . 2014-05-08 09:32 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-09-24 15:19 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-24 15:19 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-14 20:07 . 2013-03-07 21:43 103265616 ----a-w- c:\windows\system32\MRT.exe
2014-09-15 07:06 . 2013-03-07 20:59 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-08-23 02:07 . 2014-08-28 04:54 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 04:54 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-17 03:57 . 2014-09-16 18:53 1766400 ----a-w- c:\windows\SysWow64\wininet.dll_old0
2014-08-17 03:57 . 2014-09-16 18:53 1180672 ----a-w- c:\windows\SysWow64\urlmon.dll_old0
2014-08-17 03:57 . 2014-09-16 18:53 2055168 ----a-w- c:\windows\SysWow64\iertutil.dll_old0
2014-08-01 11:53 . 2014-09-16 16:38 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-08-01 11:35 . 2014-09-16 16:38 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-07-25 12:50 . 2014-07-25 12:50 82072 ----a-w- c:\windows\cadkasdeinst01e.exe
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE" [2014-06-16 833024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
.
2;2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AsrCDDrv;AsrCDDrv;c:\windows\SysWOW64\Drivers\AsrCDDrv.sys;c:\windows\SysWOW64\Drivers\AsrCDDrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 REN2CAP_DRIVER;Hear;c:\windows\system32\drivers\ren2cap.sys;c:\windows\SYSNATIVE\drivers\ren2cap.sys [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys;c:\windows\SYSNATIVE\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys;c:\windows\SYSNATIVE\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys;c:\windows\SYSNATIVE\DRIVERS\s0016unic.sys [x]
R3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\DRIVERS\s115bus.sys;c:\windows\SYSNATIVE\DRIVERS\s115bus.sys [x]
R3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s115mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s115mdfl.sys [x]
R3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s115mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s115mdm.sys [x]
R3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s115mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s115mgmt.sys [x]
R3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s115obex.sys;c:\windows\SYSNATIVE\DRIVERS\s115obex.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-29 12:57 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-07 22:26]
.
2014-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-07 22:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-02-05 1179576]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2716216]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://centrum.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{ac22014a-a254-43b9-9cc0-e87cf9c7e18a} - c:\programdata\Package Cache\{ac22014a-a254-43b9-9cc0-e87cf9c7e18a}\GarminExpressInstaller.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_38_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_38_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_38_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_38_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-10-17 20:27:47
ComboFix-quarantined-files.txt 2014-10-17 18:27
ComboFix2.txt 2014-09-19 13:03
.
Před spuštěním: Volných bajtů: 30 750 834 688
Po spuštění: Volných bajtů: 30 226 841 600
.
- - End Of File - - 2FB1567E05BA6D4FAF51A55D2C11977B
A36C5E4F47E84449FF07ED3517B43A31

jaro3
Security team member
Guru Level 15
Posts: 43293
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Please check my log

Post by jaro3 » 17 Oct 2014 21:35

Uninstall:
Yandex

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the whole text marked in green below into it:

Code:

ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\programdata\Norton
c:\users\TIMvelký\AppData\Local\Yandex
c:\users\TIMvelký\AppData\Roaming\Yandex
c:\program files (x86)\Google\Update

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_38_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_38_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_38_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_38_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Choose File -> Save As... and set these parameters:
File name: type CFScript.txt
Save as type: select All Files
Save the file to your desktop.
Close all active windows.

Grab the created CFScript.txt script with the mouse, drag it over the downloaded ComboFix.exe and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that appears at the end of the cleaning process + a new HJT log

Warning: it can happen that after running ComboFix and restarting the computer, Windows does not boot, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press F8 during the restart and choose Last Known Good Configuration, or use a restore point.

Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

In Folder Options, enable showing hidden files and folders and untick "Hide protected operating system files".

Test this on VirusTotal
c:\windows\cadkasdeinst01e.exe

Click Choose to the right of the box and find the requested file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by several antivirus engines one after another. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page and paste it into your post.

Or at:
http://www.virscan.org/
When working with HJT, ComboFix, MBAM, SDFix etc., close all other applications and browsers!
Do not send logs by private message. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Kozlna
newbie
Posts: 13
Registered: October 14
Gender: Male
Status:
Offline

Re: Please check my log

Post by Kozlna » 18 Oct 2014 22:45

ComboFix 14-10-15.01 - TIMvelký 18.10.2014 21:36:42.3.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4061.2144 [GMT 2:00]
Spuštěný z: c:\users\TIMvelkř\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\TIMvelkř\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-09-18 do 2014-10-18 )))))))))))))))))))))))))))))))
.
.
2014-10-18 19:40 . 2014-10-18 19:40 -------- d-----w- c:\users\TIMvelkĂ˝\AppData\Local\temp
2014-10-18 19:40 . 2014-10-18 19:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-17 13:38 . 2014-10-18 19:17 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EE144695-1012-44FC-A6A7-87481C2C61C1}\offreg.dll
2014-10-17 13:37 . 2014-09-09 02:05 11578928 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EE144695-1012-44FC-A6A7-87481C2C61C1}\mpengine.dll
2014-10-17 13:24 . 2014-10-18 19:40 -------- d-----w- c:\users\TIMvelký\AppData\Local\Temp
2014-10-17 13:24 . 2014-02-13 21:59 24064 ----a-w- c:\windows\zoek-delete.exe
2014-10-17 13:11 . 2014-10-17 13:22 -------- d-----w- C:\zoek_backup
2014-10-16 20:03 . 2014-10-17 12:58 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-10-16 20:03 . 2014-10-16 20:03 -------- d-----w- c:\programdata\RogueKiller
2014-10-16 19:18 . 2014-10-16 19:18 -------- d-----w- c:\windows\ERUNT
2014-10-15 18:31 . 2014-10-15 18:31 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2014-10-15 16:07 . 2014-10-16 20:13 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-15 16:06 . 2014-10-15 16:06 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-10-15 16:06 . 2014-10-15 16:06 -------- d-----w- c:\programdata\Malwarebytes
2014-10-15 16:06 . 2014-10-01 09:11 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-15 16:06 . 2014-10-01 09:11 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-15 16:06 . 2014-10-01 09:11 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-10-15 15:52 . 2014-10-18 19:30 -------- d-----w- C:\AdwCleaner
2014-10-14 20:05 . 2014-06-18 22:23 73880 ----a-w- c:\windows\system32\mscories.dll
2014-10-11 16:14 . 2014-10-11 16:14 -------- d-----w- c:\program files (x86)\HYPERMAX
2014-10-11 08:28 . 2014-10-11 08:28 -------- d-----w- c:\program files\ESET
2014-10-04 17:23 . 2014-10-04 17:23 -------- d-----w- c:\users\TIMvelký\AppData\Roaming\Wargaming.net
2014-09-30 19:04 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-30 19:04 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-27 22:13 . 2014-09-27 22:13 -------- d-----w- c:\users\TIMvelký\.smtube
2014-09-27 22:03 . 2014-09-27 22:03 -------- d-----w- c:\users\TIMvelký\AppData\Local\fontconfig
2014-09-27 21:51 . 2014-09-27 21:57 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2014-09-27 21:49 . 2014-09-27 22:03 -------- d-----w- c:\users\TIMvelký\.smplayer
2014-09-27 21:47 . 2014-09-27 21:57 -------- d-----w- c:\programdata\Norton
2014-09-27 21:47 . 2014-09-27 21:47 -------- d-----w- c:\users\TIMvelký\AppData\Local\Chromium
2014-09-27 21:47 . 2014-09-27 21:47 -------- d-----w- c:\users\TIMvelký\AppData\Roaming\Opera Software
2014-09-27 21:47 . 2014-10-18 19:23 -------- d-----w- c:\users\TIMvelký\AppData\Roaming\Yandex
2014-09-27 18:07 . 2014-09-27 18:07 -------- d-----w- c:\programdata\InstallShield
2014-09-27 18:07 . 2014-09-27 18:07 -------- d-----w- c:\program files (x86)\THQ
2014-09-24 18:26 . 2014-05-08 09:32 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-09-24 15:19 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-24 15:19 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-14 20:07 . 2013-03-07 21:43 103265616 ----a-w- c:\windows\system32\MRT.exe
2014-09-15 07:06 . 2013-03-07 20:59 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-08-23 02:07 . 2014-08-28 04:54 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 04:54 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-17 03:57 . 2014-09-16 18:53 1766400 ----a-w- c:\windows\SysWow64\wininet.dll_old0
2014-08-17 03:57 . 2014-09-16 18:53 1180672 ----a-w- c:\windows\SysWow64\urlmon.dll_old0
2014-08-17 03:57 . 2014-09-16 18:53 2055168 ----a-w- c:\windows\SysWow64\iertutil.dll_old0
2014-08-01 11:53 . 2014-09-16 16:38 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-08-01 11:35 . 2014-09-16 16:38 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-07-25 12:50 . 2014-07-25 12:50 82072 ----a-w- c:\windows\cadkasdeinst01e.exe
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE" [2014-06-16 833024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
.
2;2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AsrCDDrv;AsrCDDrv;c:\windows\SysWOW64\Drivers\AsrCDDrv.sys;c:\windows\SysWOW64\Drivers\AsrCDDrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 REN2CAP_DRIVER;Hear;c:\windows\system32\drivers\ren2cap.sys;c:\windows\SYSNATIVE\drivers\ren2cap.sys [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys;c:\windows\SYSNATIVE\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys;c:\windows\SYSNATIVE\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys;c:\windows\SYSNATIVE\DRIVERS\s0016unic.sys [x]
R3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\DRIVERS\s115bus.sys;c:\windows\SYSNATIVE\DRIVERS\s115bus.sys [x]
R3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s115mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s115mdfl.sys [x]
R3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s115mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s115mdm.sys [x]
R3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s115mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s115mgmt.sys [x]
R3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s115obex.sys;c:\windows\SYSNATIVE\DRIVERS\s115obex.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-29 12:57 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-07 22:26]
.
2014-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-07 22:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-02-05 1179576]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2716216]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://centrum.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{ac22014a-a254-43b9-9cc0-e87cf9c7e18a} - c:\programdata\Package Cache\{ac22014a-a254-43b9-9cc0-e87cf9c7e18a}\GarminExpressInstaller.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_38_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_38_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_38_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_38_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-10-18 21:42:11
ComboFix-quarantined-files.txt 2014-10-18 19:42
ComboFix2.txt 2014-10-17 18:27
ComboFix3.txt 2014-09-19 13:03
.
Před spuštěním: Volných bajtů: 31 629 950 976
Po spuštění: Volných bajtů: 31 420 776 448
.
- - End Of File - - F651E889C6E70457316A46F846D50F13
A36C5E4F47E84449FF07ED3517B43A31

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:04:07, on 18.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Users\TIMvelký\Desktop\HijackThis .exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8563 bytes


swMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-10-18 22:05:21
-----------------------------
22:05:21.091 OS Version: Windows x64 6.1.7601 Service Pack 1
22:05:21.091 Number of processors: 2 586 0x3A09
22:05:21.092 ComputerName: TIMVELKY-PC UserName: TIMvelký
22:05:22.032 Initialize success
22:05:22.041 VM: initialized successfully
22:05:22.058 VM: Intel CPU supported
22:05:28.340 VM: supported disk I/O ataport.SYS
22:05:45.028 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
22:05:45.031 Disk 0 Vendor: WDC_WD10EZEX-00ZF5A0 80.00A80 Size: 953869MB BusType: 11
22:05:45.084 VM: Disk 0 MBR read successfully
22:05:45.087 Disk 0 MBR scan
22:05:45.090 Disk 0 Windows 7 default MBR code
22:05:45.101 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
22:05:45.103 Disk 0 Boot: NTFS code=2
22:05:45.105 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 204800 MB offset 206848
22:05:45.117 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 199999 MB offset 419637248
22:05:45.119 Disk 0 Partition - 00 0F Extended LBA 548967 MB offset 829237248
22:05:45.139 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 204900 MB offset 829239296
22:05:45.142 Disk 0 Partition - 00 05 Extended 204901 MB offset 1248874496
22:05:45.166 Disk 0 Partition 5 00 07 HPFS/NTFS NTFS 204900 MB offset 1248876544
22:05:45.169 Disk 0 Partition - 00 05 Extended 139165 MB offset 2088148992
22:05:45.192 Disk 0 Partition 6 00 07 HPFS/NTFS NTFS 139164 MB offset 1668513792
22:05:45.237 Disk 0 scanning C:\Windows\system32\drivers
22:05:50.821 Service scanning
22:06:00.904 Modules scanning
22:06:00.911 Disk 0 trace - called modules:
22:06:00.929 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
22:06:00.934 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80045c2060]
22:06:00.940 3 CLASSPNP.SYS[fffff880019c843f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa80044bd060]
22:06:00.946 Scan finished successfully
22:06:34.981 Disk 0 MBR has been saved successfully to "C:\Users\TIMvelký\Desktop\MBR.dat"
22:06:34.984 The log file has been saved successfully to "C:\Users\TIMvelký\Desktop\aswMBR.txt"
22:07:33.052 Disk 0 MBR has been saved successfully to "C:\Users\TIMvelký\Documents\MBR.dat"
22:07:33.056 The log file has been saved successfully to "C:\Users\TIMvelký\Documents\aswMBR.txt"


File already analysed


This file was last analysed by VirusTotal on 2014-09-26 20:54:14 UTC, it was first analysed by VirusTotal on 2012-09-07 01:51:34 UTC.

Detection ratio: 0/55



Unfortunately I definitely don't understand those logs. A similar thing just happened to me on my laptop: Windows Update didn't work even though it was turned on; it reported: "The Windows Update service cannot currently check for updates because the service is not running." In the end I found out that I had an original Intel driver installed which the PC doesn't need in order to run, but which nevertheless breaks Windows Update. After uninstalling it, as if by the wave of a magic wand, everything was OK. That's why it nags me whether this might be a similar case, only the other way round. The internet comes up immediately in Chrome, ESET and the AccuWeather mini-app, even though the Network and Sharing Center reports that it isn't connected. And since Explorer is a Windows application, it waits until it logs on. And I suspect the Nvidia updates. As I already wrote, I don't understand it, it just nags me. Thanks for helping to clear up this mystery.

jaro3
Security team member
Guru Level 15
Posts: 43293
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log

Post by jaro3 » 19 Oct 2014 09:42

Close all other applications and browsers, disconnect from the internet and fix the following in HJT:
Guide

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost



Run that script in ComboFix again, this time in safe mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. During my absence memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
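As an added example (not code from this thread, from HijackThis or from the forum), here is a small Python checker for the step above: it parses a HijackThis log into its R/O entries, confirms that every line of a proposed fix list matches a log entry verbatim before anything is ticked in HJT, and lists the O23 services whose path HijackThis reported as "(file missing)" so they can be verified by hand rather than trusted or fixed blindly. The embedded sample log is constructed from a few lines of the log posted above, and the function names are my own.

```python
import re

# One HijackThis entry line: section code, " - ", body.
ENTRY_RE = re.compile(r"^(?P<section>R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (?P<body>.*)$")
# An O23 body: "Service: <display> (<name>) - <owner> - <path>"
SERVICE_RE = re.compile(
    r"^Service: (?P<display>.+?) \((?P<name>[^()]+)\) - (?P<owner>.+?) - (?P<path>.+)$"
)
MISSING = "(file missing)"

# Constructed sample: a handful of lines copied from the log posted in this
# thread, so the checker runs offline.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.4

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://centrum.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
"""

# The fix list the helper posted in this thread.
FIX_LIST = [
    r"R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =",
    r"R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =",
    r"R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm",
    r"R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =",
    "O1 - Hosts: ::1 localhost",
]


def _norm(line):
    """Collapse whitespace so log lines and pasted fix lines compare reliably."""
    return " ".join(line.split())


def parse_hjt(text):
    """Return one dict per entry line (R0, O1, O4, O23, ...) of a HijackThis log."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        m = ENTRY_RE.match(_norm(raw))
        if m:
            entries.append({"line": lineno, "section": m["section"],
                            "body": m["body"], "text": m.group(0)})
    return entries


def services(entries):
    """Split O23 entries into name/owner/path and flag '(file missing)' paths."""
    out = []
    for e in entries:
        if e["section"] != "O23":
            continue
        missing = e["body"].endswith(MISSING)
        m = SERVICE_RE.match(e["body"])
        if m is None:
            # No "(name)" part, e.g. "Service: Foo - Vendor - path": keep it unparsed.
            out.append({"name": None, "display": e["body"], "owner": None,
                        "path": None, "file_missing": missing})
            continue
        path = m["path"][: -len(MISSING)].strip() if missing else m["path"]
        out.append({"name": m["name"], "display": m["display"],
                    "owner": m["owner"], "path": path, "file_missing": missing})
    return out


def missing_file_services(entries):
    """Names of services whose binary HJT did not find; check each one by hand."""
    return [s["name"] for s in services(entries) if s["file_missing"]]


def check_fix_list(entries, fix_lines):
    """Return (matched, unmatched): fix lines that do / do not equal a log entry verbatim."""
    # An unmatched line must not be ticked: the list was written for another
    # log or got mangled when copied.
    index = {e["text"] for e in entries}
    matched, unmatched = [], []
    for raw in fix_lines:
        line = _norm(raw)
        if line:
            (matched if line in index else unmatched).append(line)
    return matched, unmatched


if __name__ == "__main__":
    ents = parse_hjt(SAMPLE_LOG)
    ok, bad = check_fix_list(ents, FIX_LIST)
    print(f"{len(ents)} entries parsed; fix list: {len(ok)} matched, {len(bad)} unmatched")
    for line in bad:
        print("  NOT IN LOG:", line)
    print("services reported '(file missing)':", missing_file_services(ents))
```

Run it against a real log by replacing SAMPLE_LOG with the file's contents; the point of the exact-match check is that a fix list copied from a forum post is only safe to apply to the log it was written for.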

