Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 26.10.2014
Scan Time: 9:30:58
Logfile: 22222222222222222.txt
Administrator: Yes
Version: 2.00.3.1025
Malware Database: v2014.10.26.02
Rootkit Database: v2014.10.22.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: WIN-7
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 320960
Time Elapsed: 9 min, 1 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 8
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{a9d9ea68-5d09-43ef-a0c5-6f6a6f82a0e1}, , [5af058c1e597082ee1ee8d1a36cc669a],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-1771569909-1647976279-3687859458-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A9D9EA68-5D09-43EF-A0C5-6F6A6F82A0E1}, , [5af058c1e597082ee1ee8d1a36cc669a],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-1771569909-1647976279-3687859458-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A9D9EA68-5D09-43EF-A0C5-6F6A6F82A0E1}, , [5af058c1e597082ee1ee8d1a36cc669a],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\SafePCRepair_89, , [77d346d3433983b3d65cbd8a5ba8a759],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@SafePCRepair_89.com/Plugin, , [1b2f34e53f3d132359d6291e73903dc3],
PUP.Optional.MindSpark.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SafePCRepair_89Service, , [64e6bf5ab4c8a59164d195b29a693dc3],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-1771569909-1647976279-3687859458-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SafePCRepair_89, , [0c3ec356a5d7a19559d0f25505fe9e62],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-1771569909-1647976279-3687859458-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\SafePCRepair_89, , [8fbb0f0a7c009b9b5a48c27c72915ca4],
Registry Values: 8
PUP.Optional.MindSpark.A, HKU\S-1-5-21-1771569909-1647976279-3687859458-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{A9D9EA68-5D09-43EF-A0C5-6F6A6F82A0E1}, hÄ?A®Â© ]Ä?C Ä1ojoâ?? A!, , [5af058c1e597082ee1ee8d1a36cc669a]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{A9D9EA68-5D09-43EF-A0C5-6F6A6F82A0E1}, , [5af058c1e597082ee1ee8d1a36cc669a],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-1771569909-1647976279-3687859458-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{A9D9EA68-5D09-43EF-A0C5-6F6A6F82A0E1}, , [83c7fd1c7efe0f27a52a980f3ec451af],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-1771569909-1647976279-3687859458-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{be823b8c-a7ec-4078-a321-0f8046cbb48a}, , [c6847d9cee8e191dc60af6b16f93cd33],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-1771569909-1647976279-3687859458-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{BE823B8C-A7EC-4078-A321-0F8046CBB48A}, , [c6847d9cee8e191dc60af6b16f93cd33],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{a9d9ea68-5d09-43ef-a0c5-6f6a6f82a0e1}, , [82c898810c70fc3ae5eadbccf80a2ed2],
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SafePCRepair AppIntegrator 32-bit, C:\PROGRA~2\SAFEPC~2\bar\1.bin\AppIntegrator.exe, , [0347eb2ea4d876c0ef7f150da95ac63a]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SafePCRepair AppIntegrator 64-bit, C:\PROGRA~2\SAFEPC~2\bar\1.bin\AppIntegrator64.exe, , [361445d4601ccb6b1b5347db5ea53ec2]
Registry Data: 0
(No malicious items detected)
Folders: 2
PUP.Optional.MindSpark.A, C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default\extensions\89ffxtbr@SafePCRepair_89.com, , [7dcdc7520b718da95359d32ae41e30d0],
PUP.Optional.MindSpark.A, C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default\extensions\89ffxtbr@SafePCRepair_89.com\chrome, , [7dcdc7520b718da95359d32ae41e30d0],
Files: 6
PUP.Optional.Spigot.A, C:\Windows\Installer\1b76e7.msi, , [1d2de930daa2ae8898f50fb29b66d42c],
PUP.Optional.MindSpark.A, C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default\extensions\89ffxtbr@SafePCRepair_89.com\bootstrap.js, , [7dcdc7520b718da95359d32ae41e30d0],
PUP.Optional.MindSpark.A, C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default\extensions\89ffxtbr@SafePCRepair_89.com\chrome.manifest, , [7dcdc7520b718da95359d32ae41e30d0],
PUP.Optional.MindSpark.A, C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default\extensions\89ffxtbr@SafePCRepair_89.com\install.rdf, , [7dcdc7520b718da95359d32ae41e30d0],
PUP.Optional.MindSpark.A, C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default\extensions\89ffxtbr@SafePCRepair_89.com\installKeys.js, , [7dcdc7520b718da95359d32ae41e30d0],
PUP.Optional.MindSpark.A, C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default\extensions\89ffxtbr@SafePCRepair_89.com\chrome\89ffxtbr.jar, , [7dcdc7520b718da95359d32ae41e30d0],
Physical Sectors: 0
(No malicious items detected)
(end)
Stránky se samy pohybují nahoru dolů, kurzor skáče… *
Re: Stránky se samy pohybují nahoru dolů, kurzor skáče… *
RogueKiller V10.0.3.0 [Oct 22 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : WIN-7 [Práva správce]
Mód : Smazat -- Datum : 10/26/2014 11:13:56
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 8 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1771569909-1647976279-3687859458-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nevybráno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1771569909-1647976279-3687859458-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nevybráno
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nevybráno
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nevybráno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nevybráno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nevybráno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nevybráno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nevybráno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nenahrán [0xc000036b]) ¤¤¤
¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] rlzsrqeu.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/"); -> Nevybráno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD7500AAKS-00RBA0 ATA Device +++++
--- User ---
[MBR] b0ceb66e63918d7b9dfaeba0c5d79af0
[BSP] 3c4af5d591a2cf6ae9b8e4b99fa5da61 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 715402 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: GENERIC USB Storage-SMC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
+++++ PhysicalDrive2: GENERIC USB Storage-CFC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
+++++ PhysicalDrive3: GENERIC USB Storage-SDC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
+++++ PhysicalDrive4: GENERIC USB Storage-MSC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
============================================
RKreport_DEL_10252014_232318.log - RKreport_SCN_10252014_231938.log - RKreport_SCN_10262014_111302.log
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : WIN-7 [Práva správce]
Mód : Smazat -- Datum : 10/26/2014 11:13:56
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 8 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1771569909-1647976279-3687859458-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nevybráno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1771569909-1647976279-3687859458-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nevybráno
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nevybráno
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nevybráno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nevybráno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nevybráno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nevybráno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nevybráno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nenahrán [0xc000036b]) ¤¤¤
¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] rlzsrqeu.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/"); -> Nevybráno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD7500AAKS-00RBA0 ATA Device +++++
--- User ---
[MBR] b0ceb66e63918d7b9dfaeba0c5d79af0
[BSP] 3c4af5d591a2cf6ae9b8e4b99fa5da61 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 715402 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: GENERIC USB Storage-SMC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
+++++ PhysicalDrive2: GENERIC USB Storage-CFC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
+++++ PhysicalDrive3: GENERIC USB Storage-SDC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
+++++ PhysicalDrive4: GENERIC USB Storage-MSC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
============================================
RKreport_DEL_10252014_232318.log - RKreport_SCN_10252014_231938.log - RKreport_SCN_10262014_111302.log
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43287
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Stránky se samy pohybují nahoru dolů, kurzor skáče… *
. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.
Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)
- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller
Stáhni
Zoek.exe
a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:
klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.
Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)
- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller
Stáhni
Zoek.exe
a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:
Kód: Vybrat vše
autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts; klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Stránky se samy pohybují nahoru dolů, kurzor skáče… *
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 27.10.2014
Scan Time: 9:27:01
Logfile: 1111111111111111111.txt
Administrator: Yes
Version: 2.00.3.1025
Malware Database: v2014.10.27.01
Rootkit Database: v2014.10.22.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: WIN-7
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 321106
Time Elapsed: 9 min, 16 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
www.malwarebytes.org
Scan Date: 27.10.2014
Scan Time: 9:27:01
Logfile: 1111111111111111111.txt
Administrator: Yes
Version: 2.00.3.1025
Malware Database: v2014.10.27.01
Rootkit Database: v2014.10.22.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: WIN-7
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 321106
Time Elapsed: 9 min, 16 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
Re: Stránky se samy pohybují nahoru dolů, kurzor skáče… *
RogueKiller V10.0.3.0 [Oct 22 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : WIN-7 [Práva správce]
Mód : Smazat -- Datum : 10/27/2014 10:18:33
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 8 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1771569909-1647976279-3687859458-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nevybráno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1771569909-1647976279-3687859458-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nevybráno
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nevybráno
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nevybráno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nevybráno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nevybráno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nevybráno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nevybráno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nenahrán [0xc000036b]) ¤¤¤
¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] rlzsrqeu.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/"); -> Nevybráno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD7500AAKS-00RBA0 ATA Device +++++
--- User ---
[MBR] b0ceb66e63918d7b9dfaeba0c5d79af0
[BSP] 3c4af5d591a2cf6ae9b8e4b99fa5da61 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 715402 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: GENERIC USB Storage-SMC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
+++++ PhysicalDrive2: GENERIC USB Storage-CFC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
+++++ PhysicalDrive3: GENERIC USB Storage-SDC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
+++++ PhysicalDrive4: GENERIC USB Storage-MSC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
============================================
RKreport_DEL_10252014_232318.log - RKreport_DEL_10262014_111356.log - RKreport_SCN_10252014_231938.log - RKreport_SCN_10262014_111302.log
RKreport_SCN_10272014_101405.log
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : WIN-7 [Práva správce]
Mód : Smazat -- Datum : 10/27/2014 10:18:33
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 8 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1771569909-1647976279-3687859458-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nevybráno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1771569909-1647976279-3687859458-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nevybráno
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nevybráno
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nevybráno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nevybráno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nevybráno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nevybráno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nevybráno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nenahrán [0xc000036b]) ¤¤¤
¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] rlzsrqeu.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/"); -> Nevybráno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD7500AAKS-00RBA0 ATA Device +++++
--- User ---
[MBR] b0ceb66e63918d7b9dfaeba0c5d79af0
[BSP] 3c4af5d591a2cf6ae9b8e4b99fa5da61 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 715402 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: GENERIC USB Storage-SMC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
+++++ PhysicalDrive2: GENERIC USB Storage-CFC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
+++++ PhysicalDrive3: GENERIC USB Storage-SDC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
+++++ PhysicalDrive4: GENERIC USB Storage-MSC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
============================================
RKreport_DEL_10252014_232318.log - RKreport_DEL_10262014_111356.log - RKreport_SCN_10252014_231938.log - RKreport_SCN_10262014_111302.log
RKreport_SCN_10272014_101405.log
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43287
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Stránky se samy pohybují nahoru dolů, kurzor skáče… *
Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)
- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller
A Zoek.exe?,
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)
- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller
A Zoek.exe?,
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Stránky se samy pohybují nahoru dolů, kurzor skáče… *
RogueKiller V10.0.3.0 [Oct 22 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : WIN-7 [Práva správce]
Mód : Smazat -- Datum : 10/27/2014 23:23:56
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 8 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1771569909-1647976279-3687859458-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1771569909-1647976279-3687859458-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nahrazeno (2)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nahrazeno (2)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> Smazáno
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost -> Smazáno
¤¤¤ Antirootkit : 0 (Driver: Nenahrán [0xc000036b]) ¤¤¤
¤¤¤ Webové prohlížeče : 3 ¤¤¤
[FIREFX:Addon] rlzsrqeu.default : Seznam lištička [{ea614400-e918-4741-9a97-7a972ff7c30b}] -> Smazáno
[FIREFX:Addon] rlzsrqeu.default : avast! Online Security [wrc@avast.com] -> Smazáno
[FIREFX:Addon] rlzsrqeu.default : McAfee Security Scan Plus detection [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] -> Smazáno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD7500AAKS-00RBA0 ATA Device +++++
--- User ---
[MBR] b0ceb66e63918d7b9dfaeba0c5d79af0
[BSP] 3c4af5d591a2cf6ae9b8e4b99fa5da61 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 715402 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: GENERIC USB Storage-SMC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
+++++ PhysicalDrive2: GENERIC USB Storage-CFC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
+++++ PhysicalDrive3: GENERIC USB Storage-SDC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
+++++ PhysicalDrive4: GENERIC USB Storage-MSC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
============================================
RKreport_DEL_10252014_232318.log - RKreport_DEL_10262014_111356.log - RKreport_DEL_10272014_101833.log - RKreport_SCN_10252014_231938.log
RKreport_SCN_10262014_111302.log - RKreport_SCN_10272014_101405.log - RKreport_SCN_10272014_232000.log
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : WIN-7 [Práva správce]
Mód : Smazat -- Datum : 10/27/2014 23:23:56
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 8 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1771569909-1647976279-3687859458-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1771569909-1647976279-3687859458-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nahrazeno (2)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nahrazeno (2)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> Smazáno
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost -> Smazáno
¤¤¤ Antirootkit : 0 (Driver: Nenahrán [0xc000036b]) ¤¤¤
¤¤¤ Webové prohlížeče : 3 ¤¤¤
[FIREFX:Addon] rlzsrqeu.default : Seznam lištička [{ea614400-e918-4741-9a97-7a972ff7c30b}] -> Smazáno
[FIREFX:Addon] rlzsrqeu.default : avast! Online Security [wrc@avast.com] -> Smazáno
[FIREFX:Addon] rlzsrqeu.default : McAfee Security Scan Plus detection [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] -> Smazáno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD7500AAKS-00RBA0 ATA Device +++++
--- User ---
[MBR] b0ceb66e63918d7b9dfaeba0c5d79af0
[BSP] 3c4af5d591a2cf6ae9b8e4b99fa5da61 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 715402 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: GENERIC USB Storage-SMC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
+++++ PhysicalDrive2: GENERIC USB Storage-CFC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
+++++ PhysicalDrive3: GENERIC USB Storage-SDC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
+++++ PhysicalDrive4: GENERIC USB Storage-MSC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
============================================
RKreport_DEL_10252014_232318.log - RKreport_DEL_10262014_111356.log - RKreport_DEL_10272014_101833.log - RKreport_SCN_10252014_231938.log
RKreport_SCN_10262014_111302.log - RKreport_SCN_10272014_101405.log - RKreport_SCN_10272014_232000.log
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43287
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Stránky se samy pohybují nahoru dolů, kurzor skáče… *
A Zoek.exe?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Stránky se samy pohybují nahoru dolů, kurzor skáče… *
Zoek - proveden 2x.
Re: Stránky se samy pohybují nahoru dolů, kurzor skáče… *
1.
Zoek.exe v5.0.0.0 Updated 27-10-2014
Tool run by WIN-7 on Łt 28.10.2014 at 9:42:23,80.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\WIN-7\Desktop\Nová složka (7)\zoek.com [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-10-27-140113.log 13787 bytes
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
==== Deleting Files \ Folders ======================
C:\Users\WIN-7\AppData\LocalLow\ADSRemoval deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\Alwil Software\Avast5\WebRep\FF" [03.10.2014 19:54]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04.04.2014 11:36]
==== Firefox Extensions ======================
ProfilePath: C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default
- Free Download Manager plugin - C:\ProgramData\Free Download Manager\Firefox\Extensions\1.6.0.8
- Free Download Manager plugin - %ProfilePath%\extensions\fdm_ffext@freedownloadmanager.org
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
D1DC265C3FF7F92B4A75A55B3749D48C - C:\Program Files\VLC\npvlc.dll - VLC Web Plugin
1B197A0ED28DB310AB67591567C3787A - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.150.3
D94C362E750F8C283BF52537D3DF28B5 - C:\Users\WIN-7\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll - Facebook Plugin
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx[03.10.2014 19:53]
Advanced SystemCare Surfing Protection - WIN-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
Seznam Li\u0161ti\u010Dka - Email - WIN-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Li\u0161ti\u010Dka - Slovn\u00EDk - WIN-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
avast Online Security - WIN-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"
{07462E64-1C1D-4B00-ABDA-1E50688074D7} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454"
{107E7678-07BA-48D0-80EA-4152C97ADCA7} Bing Url="http://www.bing.com/search?FORM=UP74DF&PC=UP74&dt=032613&q={searchTerms}&src=IE-SearchBox"
{1EB7515C-0348-42F4-9D1A-5634402411AB} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454"
{29300D7F-AB09-4E33-B3C2-43394DEEA6AD} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454"
{38D6D3B1-2B10-474C-BEF7-0CDFB4010D92} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454"
{5B774506-5730-41A6-B347-28E2D9E19927} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Goo Url="http://www.google.com/search?q={sear"
{736F3620-9AB2-4522-B2B8-D73EF9CCFB05} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
{77621B07-7005-46D0-9552-C68E0E2BA724} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454"
{C624AA04-A992-40DC-9A64-B0662458CE40} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454"
{DF0C53F8-515F-4732-80C6-48E0482B3C5D} Firmy.cz Url="http://www.firmy.cz/phr/{searchTerms}?sourceid=QuickSearch_12454"
==== Reset Google Chrome ======================
Nothing found to reset
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\WIN-7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\WIN-7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K1ZLP8QR will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\WIN-7\AppData\Local\Mozilla\Firefox\Profiles\rlzsrqeu.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\WIN-7\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=101 folders=34 54369131 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\WIN-7\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
Zoek.exe v5.0.0.0 Updated 27-10-2014
Tool run by WIN-7 on Łt 28.10.2014 at 9:42:23,80.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\WIN-7\Desktop\Nová složka (7)\zoek.com [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-10-27-140113.log 13787 bytes
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
==== Deleting Files \ Folders ======================
C:\Users\WIN-7\AppData\LocalLow\ADSRemoval deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\Alwil Software\Avast5\WebRep\FF" [03.10.2014 19:54]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04.04.2014 11:36]
==== Firefox Extensions ======================
ProfilePath: C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default
- Free Download Manager plugin - C:\ProgramData\Free Download Manager\Firefox\Extensions\1.6.0.8
- Free Download Manager plugin - %ProfilePath%\extensions\fdm_ffext@freedownloadmanager.org
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
D1DC265C3FF7F92B4A75A55B3749D48C - C:\Program Files\VLC\npvlc.dll - VLC Web Plugin
1B197A0ED28DB310AB67591567C3787A - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.150.3
D94C362E750F8C283BF52537D3DF28B5 - C:\Users\WIN-7\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll - Facebook Plugin
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx[03.10.2014 19:53]
Advanced SystemCare Surfing Protection - WIN-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
Seznam Li\u0161ti\u010Dka - Email - WIN-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Li\u0161ti\u010Dka - Slovn\u00EDk - WIN-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
avast Online Security - WIN-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"
{07462E64-1C1D-4B00-ABDA-1E50688074D7} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454"
{107E7678-07BA-48D0-80EA-4152C97ADCA7} Bing Url="http://www.bing.com/search?FORM=UP74DF&PC=UP74&dt=032613&q={searchTerms}&src=IE-SearchBox"
{1EB7515C-0348-42F4-9D1A-5634402411AB} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454"
{29300D7F-AB09-4E33-B3C2-43394DEEA6AD} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454"
{38D6D3B1-2B10-474C-BEF7-0CDFB4010D92} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454"
{5B774506-5730-41A6-B347-28E2D9E19927} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Goo Url="http://www.google.com/search?q={sear"
{736F3620-9AB2-4522-B2B8-D73EF9CCFB05} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
{77621B07-7005-46D0-9552-C68E0E2BA724} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454"
{C624AA04-A992-40DC-9A64-B0662458CE40} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454"
{DF0C53F8-515F-4732-80C6-48E0482B3C5D} Firmy.cz Url="http://www.firmy.cz/phr/{searchTerms}?sourceid=QuickSearch_12454"
==== Reset Google Chrome ======================
Nothing found to reset
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\WIN-7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\WIN-7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K1ZLP8QR will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\WIN-7\AppData\Local\Mozilla\Firefox\Profiles\rlzsrqeu.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\WIN-7\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=101 folders=34 54369131 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\WIN-7\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
Re: Stránky se samy pohybují nahoru dolů, kurzor skáče… *
2.
Zoek.exe v5.0.0.0 Updated 26-10-2014
Tool run by WIN-7 on po 27.10.2014 at 11:30:28,08.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\WIN-7\Desktop\Nová složka (7)\zoek.com [Scan all users] [Script inserted]
==== System Restore Info ======================
27.10.2014 11:31:56 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1771569909-1647976279-3687859458-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9CCC42F5-D545-4015-81D4-98A6AB706D45} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-1771569909-1647976279-3687859458-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5347542D-5637-006A-76A7-7A786E7484D7} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "https://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default
user.js not found
---- Lines ask.com modified from prefs.js ----
user_pref("extensions.enabledItems", "DTToolbar@toolbarnet.com:1.1.2.0185,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{A27F3FEF-1113-4cfb-A032-8E12D
---- FireFox user.js and prefs.js backups ----
prefs_27.10.2014_1307_.backup
==== Deleting Files \ Folders ======================
"C:\Windows\Installer\1b76e7.msi" not found
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\PROGRA~2\WinZip Driver Updater deleted
C:\Users\WIN-7\AppData\Roaming\WinZip\WinZipDU deleted
C:\Users\WIN-7\AppData\Roaming\ZoomBrowser EX deleted
C:\Users\WIN-7\AppData\Roaming\Sammsoft deleted
C:\PROGRA~3\Avg_Update_0814tb deleted
C:\PROGRA~3\ProductData deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\Users\WIN-7\AppData\LocalLow\IObit Apps deleted
C:\Users\WIN-7\AppData\LocalLow\ADSRemoval deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\Windows\tasks\WinZipDriverUpdater_UPDATES.job deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
"C:\PROGRA~2\Paradox Interactive" deleted
"C:\PROGRA~2\Windows Portable Devices" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\Alwil Software\Avast5\WebRep\FF" [03.10.2014 19:54]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04.04.2014 11:36]
==== Firefox Extensions ======================
ProfilePath: C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default
- Free Download Manager plugin - C:\ProgramData\Free Download Manager\Firefox\Extensions\1.6.0.8
- Free Download Manager plugin - %ProfilePath%\extensions\fdm_ffext@freedownloadmanager.org
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- Start Page - %ProfilePath%\extensions\{62DD0A97-FDD4-421b-94A5-D1A9434450C7}
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
D1DC265C3FF7F92B4A75A55B3749D48C - C:\Program Files\VLC\npvlc.dll - VLC Web Plugin
1B197A0ED28DB310AB67591567C3787A - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.150.3
D94C362E750F8C283BF52537D3DF28B5 - C:\Users\WIN-7\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll - Facebook Plugin
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Deleted Firefox Extensions ======================
C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default\extensions\{62DD0A97-FDD4-421b-94A5-D1A9434450C7} deleted
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx[03.10.2014 19:53]
Advanced SystemCare Surfing Protection - WIN-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
Seznam Li\u0161ti\u010Dka - Email - WIN-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Li\u0161ti\u010Dka - Slovn\u00EDk - WIN-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
avast Online Security - WIN-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
"Search Page"="http://www.google.com"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.seznam.cz/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"
{07462E64-1C1D-4B00-ABDA-1E50688074D7} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454"
{107E7678-07BA-48D0-80EA-4152C97ADCA7} Bing Url="http://www.bing.com/search?FORM=UP74DF&PC=UP74&dt=032613&q={searchTerms}&src=IE-SearchBox"
{1EB7515C-0348-42F4-9D1A-5634402411AB} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454"
{29300D7F-AB09-4E33-B3C2-43394DEEA6AD} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454"
{38D6D3B1-2B10-474C-BEF7-0CDFB4010D92} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454"
{5B774506-5730-41A6-B347-28E2D9E19927} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Goo Url="http://www.google.com/search?q={sear"
{736F3620-9AB2-4522-B2B8-D73EF9CCFB05} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
{77621B07-7005-46D0-9552-C68E0E2BA724} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454"
{C624AA04-A992-40DC-9A64-B0662458CE40} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454"
{DF0C53F8-515F-4732-80C6-48E0482B3C5D} Firmy.cz Url="http://www.firmy.cz/phr/{searchTerms}?sourceid=QuickSearch_12454"
==== Reset Google Chrome ======================
C:\Users\WIN-7\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\WIN-7\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3356AC34C0E398B49AF93621243FCC3F deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9854A5C4-5BE5-46E2-A989-352DD8B37E20}_is1 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43CA6533-3E0C-4B89-A99F-631242F3CCF3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3356AC34C0E398B49AF93621243FCC3F deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\WIN-7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\WIN-7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\APYGL7IL will be deleted at reboot
C:\Users\WIN-7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GT6GIZ1I will be deleted at reboot
C:\Users\WIN-7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K1ZLP8QR will be deleted at reboot
C:\Users\WIN-7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZATK32ZW will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\WIN-7\AppData\Local\Mozilla\Firefox\Profiles\rlzsrqeu.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\WIN-7\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache is not empty, a reboot is needed
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=101 folders=33 54369036 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\WIN-7\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot
Zoek.exe v5.0.0.0 Updated 26-10-2014
Tool run by WIN-7 on po 27.10.2014 at 11:30:28,08.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\WIN-7\Desktop\Nová složka (7)\zoek.com [Scan all users] [Script inserted]
==== System Restore Info ======================
27.10.2014 11:31:56 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1771569909-1647976279-3687859458-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9CCC42F5-D545-4015-81D4-98A6AB706D45} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-1771569909-1647976279-3687859458-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5347542D-5637-006A-76A7-7A786E7484D7} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "https://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default
user.js not found
---- Lines ask.com modified from prefs.js ----
user_pref("extensions.enabledItems", "DTToolbar@toolbarnet.com:1.1.2.0185,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{A27F3FEF-1113-4cfb-A032-8E12D
---- FireFox user.js and prefs.js backups ----
prefs_27.10.2014_1307_.backup
==== Deleting Files \ Folders ======================
"C:\Windows\Installer\1b76e7.msi" not found
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\PROGRA~2\WinZip Driver Updater deleted
C:\Users\WIN-7\AppData\Roaming\WinZip\WinZipDU deleted
C:\Users\WIN-7\AppData\Roaming\ZoomBrowser EX deleted
C:\Users\WIN-7\AppData\Roaming\Sammsoft deleted
C:\PROGRA~3\Avg_Update_0814tb deleted
C:\PROGRA~3\ProductData deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\Users\WIN-7\AppData\LocalLow\IObit Apps deleted
C:\Users\WIN-7\AppData\LocalLow\ADSRemoval deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\Windows\tasks\WinZipDriverUpdater_UPDATES.job deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
"C:\PROGRA~2\Paradox Interactive" deleted
"C:\PROGRA~2\Windows Portable Devices" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\Alwil Software\Avast5\WebRep\FF" [03.10.2014 19:54]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04.04.2014 11:36]
==== Firefox Extensions ======================
ProfilePath: C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default
- Free Download Manager plugin - C:\ProgramData\Free Download Manager\Firefox\Extensions\1.6.0.8
- Free Download Manager plugin - %ProfilePath%\extensions\fdm_ffext@freedownloadmanager.org
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- Start Page - %ProfilePath%\extensions\{62DD0A97-FDD4-421b-94A5-D1A9434450C7}
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
D1DC265C3FF7F92B4A75A55B3749D48C - C:\Program Files\VLC\npvlc.dll - VLC Web Plugin
1B197A0ED28DB310AB67591567C3787A - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.150.3
D94C362E750F8C283BF52537D3DF28B5 - C:\Users\WIN-7\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll - Facebook Plugin
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Deleted Firefox Extensions ======================
C:\Users\WIN-7\AppData\Roaming\Mozilla\Firefox\Profiles\rlzsrqeu.default\extensions\{62DD0A97-FDD4-421b-94A5-D1A9434450C7} deleted
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx[03.10.2014 19:53]
Advanced SystemCare Surfing Protection - WIN-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
Seznam Li\u0161ti\u010Dka - Email - WIN-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Li\u0161ti\u010Dka - Slovn\u00EDk - WIN-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
avast Online Security - WIN-7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
"Search Page"="http://www.google.com"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.seznam.cz/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"
{07462E64-1C1D-4B00-ABDA-1E50688074D7} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454"
{107E7678-07BA-48D0-80EA-4152C97ADCA7} Bing Url="http://www.bing.com/search?FORM=UP74DF&PC=UP74&dt=032613&q={searchTerms}&src=IE-SearchBox"
{1EB7515C-0348-42F4-9D1A-5634402411AB} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454"
{29300D7F-AB09-4E33-B3C2-43394DEEA6AD} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454"
{38D6D3B1-2B10-474C-BEF7-0CDFB4010D92} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454"
{5B774506-5730-41A6-B347-28E2D9E19927} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Goo Url="http://www.google.com/search?q={sear"
{736F3620-9AB2-4522-B2B8-D73EF9CCFB05} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
{77621B07-7005-46D0-9552-C68E0E2BA724} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454"
{C624AA04-A992-40DC-9A64-B0662458CE40} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454"
{DF0C53F8-515F-4732-80C6-48E0482B3C5D} Firmy.cz Url="http://www.firmy.cz/phr/{searchTerms}?sourceid=QuickSearch_12454"
==== Reset Google Chrome ======================
C:\Users\WIN-7\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\WIN-7\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3356AC34C0E398B49AF93621243FCC3F deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9854A5C4-5BE5-46E2-A989-352DD8B37E20}_is1 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43CA6533-3E0C-4B89-A99F-631242F3CCF3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3356AC34C0E398B49AF93621243FCC3F deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\WIN-7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\WIN-7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\APYGL7IL will be deleted at reboot
C:\Users\WIN-7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GT6GIZ1I will be deleted at reboot
C:\Users\WIN-7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K1ZLP8QR will be deleted at reboot
C:\Users\WIN-7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZATK32ZW will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\WIN-7\AppData\Local\Mozilla\Firefox\Profiles\rlzsrqeu.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\WIN-7\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache is not empty, a reboot is needed
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=101 folders=33 54369036 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\WIN-7\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot
-
Orcus
- člen Security týmu
-
Elite Level 10.5
- Příspěvky: 10645
- Registrován: duben 10
- Bydliště: Okolo rostou 3 růže =o)
- Pohlaví:
- Stav:
Offline
Re: Stránky se samy pohybují nahoru dolů, kurzor skáče… *
Jak to vypadá s problémy?
Láska hřeje, ale uhlí je uhlí. 
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Kdo je online
Uživatelé prohlížející si toto fórum: Karrex a 118 hostů