Win7 -pády PC Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

multa62
Level 2
Level 2
Příspěvky: 153
Registrován: únor 09
Bydliště: Havířov
Pohlaví: Muž
Stav:
Offline

Win7 -pády PC

Příspěvekod multa62 » 16 pro 2014 20:26

Prosím o kontrolu logu.
Pády PC zejména při hrách(hra spadne,na spodní liště se objeví ikona-kliknutím na ni hra většinou pokračuje).

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:11:53, on 16.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Origin\Origin.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\MULTA\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\MULTA\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\System32\dvmurl.dll
R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
O2 - BHO: Linkey - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\MULTA\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\MULTA\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [EADM] "C:\Program Files\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Smart Driver Updater] C:\Program Files\Smart PC Solutions\Smart Driver Updater\SDULauncher.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files\Origin\OriginClientService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SmdmF Service (SmdmFService) - Aztec Media Inc - C:\Program Files\Settings Manager\smdmf\SmdmFService.exe
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe

--
End of file - 7191 bytes
Win10/Pro; CPU-Ryzen 5/2600;AGP Asus Rog Strix B450 gaming;SSD-Kingston 240GB;RAM 8GB
GPU-GeForce GTX 1060 3G ;;zdroj Corsair 450W ;;

Reklama
Uživatelský avatar
Orcus
člen Security týmu
Elite Level 10.5
Elite Level 10.5
Příspěvky: 10645
Registrován: duben 10
Bydliště: Okolo rostou 3 růže =o)
Pohlaví: Muž
Stav:
Offline

Re: Win7 -pády PC

Příspěvekod Orcus » 16 pro 2014 23:05

A ta ikona je růžová, fialovaá, bleděmodrá? Nemáme křišťálovou kouli, tak buď více konkrétní (ideálně printscreen) :-)

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

===================================================

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

===================================================

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

===================================================

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.
Láska hřeje, ale uhlí je uhlí. :fire:



Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.

Pár rad k bezpečnosti PC.

Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix

Pokud budete spokojeni , můžete podpořit naše fórum.

multa62
Level 2
Level 2
Příspěvky: 153
Registrován: únor 09
Bydliště: Havířov
Pohlaví: Muž
Stav:
Offline

Re: Win7 -pády PC

Příspěvekod multa62 » 17 pro 2014 16:15

Jedná se vždy o ikonu zástupce té,či oné hry a je samozřejmě pokaždé jiná(podle hry)momentálně kulatá růžová s bílou hvězdou uvnitř (Wings of Prey).
Teď nevím,jestli mám udělat postupně všechny akce jak jsi mi popsal,nebo stačí vybrat jednu z nich ?
Win10/Pro; CPU-Ryzen 5/2600;AGP Asus Rog Strix B450 gaming;SSD-Kingston 240GB;RAM 8GB
GPU-GeForce GTX 1060 3G ;;zdroj Corsair 450W ;;

guest
Pohlaví: Nespecifikováno

Re: Win7 -pády PC

Příspěvekod guest » 17 pro 2014 16:23

Všechny postupně jak to máš napsané.

Odesláno z mého MT15i

multa62
Level 2
Level 2
Příspěvky: 153
Registrován: únor 09
Bydliště: Havířov
Pohlaví: Muž
Stav:
Offline

Re: Win7 -pády PC

Příspěvekod multa62 » 17 pro 2014 16:40

Už při tom prvním ATF Cleaner mi to vypsalo hlášku: jste si jistí atd... dal jsem ano -vypsalo ,žádné soubory byly odstraněny.Znovu jsem se vrátil na začátek a dal ne -opět žádné soubory ...což je podle mne nesmysl těch cache souborů tam musí být hafo.
Win10/Pro; CPU-Ryzen 5/2600;AGP Asus Rog Strix B450 gaming;SSD-Kingston 240GB;RAM 8GB
GPU-GeForce GTX 1060 3G ;;zdroj Corsair 450W ;;

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Win7 -pády PC

Příspěvekod jaro3 » 17 pro 2014 19:03

ATF vynech a pokračuj dál.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

multa62
Level 2
Level 2
Příspěvky: 153
Registrován: únor 09
Bydliště: Havířov
Pohlaví: Muž
Stav:
Offline

Re: Win7 -pády PC

Příspěvekod multa62 » 18 pro 2014 03:46

Teď jsem v takovém ,,malém" průšvihu.Zkoušel jsem ATF spustit v nouzovém režimu .Fungoval stejně-tedy nijak ,ale PC už se mi nepodařilo otevřít v normálním provozu.Zkoušel jsem dát poslední bod obnovení ,ale je to totéž.Mohl by jsi mi prosím poradit jak z toho ven.Ještě ,že mám na jiném disku WinXP,tak teď komunikuji přes OS-XP.
Win10/Pro; CPU-Ryzen 5/2600;AGP Asus Rog Strix B450 gaming;SSD-Kingston 240GB;RAM 8GB
GPU-GeForce GTX 1060 3G ;;zdroj Corsair 450W ;;

multa62
Level 2
Level 2
Příspěvky: 153
Registrován: únor 09
Bydliště: Havířov
Pohlaví: Muž
Stav:
Offline

Re: Win7 -pády PC

Příspěvekod multa62 » 18 pro 2014 05:56

Promiň,že otravuji zbytečnostmi,ale už je to OK.Win 7 nabíhá normálně (odstraněno zatržítko ) .
Budu tedy pokračovat v doporučeném postupu.
Win10/Pro; CPU-Ryzen 5/2600;AGP Asus Rog Strix B450 gaming;SSD-Kingston 240GB;RAM 8GB
GPU-GeForce GTX 1060 3G ;;zdroj Corsair 450W ;;

multa62
Level 2
Level 2
Příspěvky: 153
Registrován: únor 09
Bydliště: Havířov
Pohlaví: Muž
Stav:
Offline

Re: Win7 -pády PC

Příspěvekod multa62 » 18 pro 2014 06:22

# AdwCleaner v4.105 - Report created 18/12/2014 at 06:12:11
# Updated 08/12/2014 by Xplode
# Database : 2014-12-16.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : MULTA - MULTA-PC
# Running from : C:\Users\MULTA\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : F06DEFF2-5B9C-490D-910F-35D3A9119622
Service Found : SmdmFService
Service Found : WindowsMangerProtect

***** [ Files / Folders ] *****

File Found : C:\Program Files\Mozilla Firefox\browser\searchplugins\default-search.xml
File Found : C:\Program Files\Mozilla Firefox\browser\searchplugins\webssearches.xml
File Found : C:\Users\MULTA\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.ak.facebook.com_0.localstorage
File Found : C:\Users\MULTA\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.ak.facebook.com_0.localstorage-journal
File Found : C:\Users\MULTA\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
File Found : C:\Users\MULTA\AppData\Roaming\Mozilla\Firefox\Profiles\46ohr41a.default\invalidprefs.js
File Found : C:\Users\MULTA\AppData\Roaming\Mozilla\Firefox\Profiles\46ohr41a.default\searchplugins\aol-web-search.xml
File Found : C:\Users\MULTA\AppData\Roaming\Mozilla\Firefox\Profiles\46ohr41a.default\searchplugins\Askcom.xml
File Found : C:\Users\MULTA\AppData\Roaming\Mozilla\Firefox\Profiles\46ohr41a.default\searchplugins\askcomsearch.xml
File Found : C:\Users\MULTA\AppData\Roaming\Mozilla\Firefox\Profiles\46ohr41a.default\searchplugins\ask-search.xml
File Found : C:\Users\MULTA\AppData\Roaming\Mozilla\Firefox\Profiles\46ohr41a.default\searchplugins\ask-web-search.xml
File Found : C:\Users\MULTA\AppData\Roaming\Mozilla\Firefox\Profiles\46ohr41a.default\searchplugins\bingp.xml
File Found : C:\Users\MULTA\AppData\Roaming\Mozilla\Firefox\Profiles\46ohr41a.default\searchplugins\daemon-search.xml
File Found : C:\Users\MULTA\AppData\Roaming\Mozilla\Firefox\Profiles\46ohr41a.default\searchplugins\default-search.xml
File Found : C:\Users\MULTA\AppData\Roaming\Mozilla\Firefox\Profiles\46ohr41a.default\searchplugins\winamp-search.xml
File Found : C:\Users\MULTA\Desktop\Smart Driver Updater.lnk
File Found : C:\Users\Public\Desktop\Babylon.lnk
File Found : C:\Users\Public\Desktop\Babylon.lnk
Folder Found : C:\Program Files\Babylon
Folder Found : C:\Program Files\driver-soft
Folder Found : C:\Program Files\GreenTree Applications
Folder Found : C:\Program Files\Internet Speed Checker
Folder Found : C:\Program Files\Internet Speed Checker
Folder Found : C:\Program Files\NCH Software
Folder Found : C:\Program Files\Settings Manager
Folder Found : C:\Program Files\Smart Driver Updater
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\drivergenius
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Folder Found : C:\ProgramData\NCH Software
Folder Found : C:\ProgramData\smdmf
Folder Found : C:\ProgramData\WindowsMangerProtect
Folder Found : C:\ProgramData\ytd video downloader
Folder Found : C:\Users\MULTA\AppData\Local\Babylon
Folder Found : C:\Users\MULTA\AppData\Local\Slick Savings
Folder Found : C:\Users\MULTA\AppData\Roaming\Babylon
Folder Found : C:\Users\MULTA\AppData\Roaming\FirefoxToolbar
Folder Found : C:\Users\MULTA\AppData\Roaming\NCH Software
Folder Found : C:\Users\MULTA\AppData\Roaming\OpenCandy
Folder Found : C:\Users\MULTA\AppData\Roaming\RHEng
Folder Found : C:\Users\MULTA\Documents\PC Speed Maximizer
Folder Found : C:\Users\Public\Documents\drivergenius

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [(Default)] - "C:\Program Files\Mozilla Firefox\firefox.exe" hxxp://istart.webssearches.com/?type=sc ... XX9QGAEMTA
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [(Default)] - "C:\Program Files\Google\Chrome\Application\chrome.exe" hxxp://istart.webssearches.com/?type=sc ... XX9QGAEMTA
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Smartbar
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\LINKEY
Key Found : HKCU\Software\Linkey
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.babylon.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Found : HKCU\Software\Mozilla\Extends
Key Found : HKCU\Software\SmdmF
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}
Key Found : HKLM\SOFTWARE\Classes\AppID\iedll.dll
Key Found : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AA760BA8-5862-4BC5-9263-4452CBC0B264}
Key Found : HKLM\SOFTWARE\Classes\Linkey.Linkey
Key Found : HKLM\SOFTWARE\CLASSES\Linkey.Linkey
Key Found : HKLM\SOFTWARE\Classes\SettingsManagerIEHelper.DNSGuard
Key Found : HKLM\SOFTWARE\Classes\SettingsManagerIEHelper.DNSGuard.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Driver-Soft
Key Found : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : HKLM\SOFTWARE\Internet Speed Checker
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius Professional Edition_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart Driver Updater_is1
Key Found : HKLM\SOFTWARE\MyAshampoo\toolbar
Key Found : HKLM\SOFTWARE\PIP
Key Found : HKLM\SOFTWARE\SmdmF
Key Found : HKLM\SOFTWARE\supWindowsMangerProtect
Key Found : HKLM\SOFTWARE\webssearchesSoftware
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Smart Driver Updater]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Found : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v34.0.5 (x86 cs)

[46ohr41a.default] - Line Found : user_pref("CT2405280.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
[46ohr41a.default] - Line Found : user_pref("CT2405280.CTID", "CT2405280");
[46ohr41a.default] - Line Found : user_pref("CT2405280.CurrentServerDate", "1-12-2010");
[46ohr41a.default] - Line Found : user_pref("CT2405280.DialogsAlignMode", "LTR");
[46ohr41a.default] - Line Found : user_pref("CT2405280.DownloadReferralCookieData", "");
[46ohr41a.default] - Line Found : user_pref("CT2405280.EMailNotifierPollDate", "Wed Dec 01 2010 18:34:47 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedLastCount1783261708582779529", 1487);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392415092", "Wed Dec 01 2010 18:34:48 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392415098", "Wed Dec 01 2010 18:34:48 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392415104", "Wed Dec 01 2010 18:34:48 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392415110", "Wed Dec 01 2010 18:34:48 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392415116", "Wed Dec 01 2010 18:34:48 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392415122", "Wed Dec 01 2010 18:34:49 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392571378", "Wed Dec 01 2010 18:34:49 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392571384", "Wed Dec 01 2010 18:34:49 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392571390", "Wed Dec 01 2010 18:34:49 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392571396", "Wed Dec 01 2010 18:34:49 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392571402", "Wed Dec 01 2010 18:34:49 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392571408", "Wed Dec 01 2010 18:34:49 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392571414", "Wed Dec 01 2010 18:34:49 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392571420", "Wed Dec 01 2010 18:34:49 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392571426", "Wed Dec 01 2010 18:34:49 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392571432", "Wed Dec 01 2010 18:34:49 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392571438", "Wed Dec 01 2010 18:34:50 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392571444", "Wed Dec 01 2010 18:34:50 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727700", "Wed Dec 01 2010 18:34:50 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727706", "Wed Dec 01 2010 18:34:50 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727712", "Wed Dec 01 2010 18:34:50 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727718", "Wed Dec 01 2010 18:34:50 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727724", "Wed Dec 01 2010 18:34:50 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727730", "Wed Dec 01 2010 18:34:50 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727736", "Wed Dec 01 2010 18:34:50 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727742", "Wed Dec 01 2010 18:34:50 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727748", "Wed Dec 01 2010 18:34:51 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727754", "Wed Dec 01 2010 18:34:51 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727760", "Wed Dec 01 2010 18:34:51 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727766", "Wed Dec 01 2010 18:34:51 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727772", "Wed Dec 01 2010 18:34:51 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727778", "Wed Dec 01 2010 18:34:51 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727784", "Wed Dec 01 2010 18:34:51 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727790", "Wed Dec 01 2010 18:34:51 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727796", "Wed Dec 01 2010 18:34:51 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727802", "Wed Dec 01 2010 18:34:51 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727808", "Wed Dec 01 2010 18:34:52 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727814", "Wed Dec 01 2010 18:34:52 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727820", "Wed Dec 01 2010 18:34:52 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727826", "Wed Dec 01 2010 18:34:52 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727832", "Wed Dec 01 2010 18:34:52 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727838", "Wed Dec 01 2010 18:34:52 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727844", "Wed Dec 01 2010 18:34:52 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727850", "Wed Dec 01 2010 18:34:52 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727856", "Wed Dec 01 2010 18:34:52 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727862", "Wed Dec 01 2010 18:34:52 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727868", "Wed Dec 01 2010 18:34:52 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727874", "Wed Dec 01 2010 18:34:52 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727880", "Wed Dec 01 2010 18:34:53 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727886", "Wed Dec 01 2010 18:34:53 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727892", "Wed Dec 01 2010 18:34:53 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedPollDate129255180392727898", "Wed Dec 01 2010 18:34:53 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedTTL129255180392415104", 15);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedTTL129255180392415116", 60);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedTTL129255180392571420", 60);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedTTL129255180392571426", 15);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedTTL129255180392571432", 2);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedTTL129255180392571438", 15);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedTTL129255180392727700", 2);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedTTL129255180392727706", 5);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedTTL129255180392727712", 5);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedTTL129255180392727724", 5);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedTTL129255180392727736", 30);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedTTL129255180392727742", 30);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedTTL129255180392727766", 15);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedTTL129255180392727778", 15);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedTTL129255180392727784", 15);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedTTL129255180392727790", 15);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedTTL129255180392727808", 1440);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedTTL129255180392727838", 10);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FeedTTL129255180392727856", 5);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FirstServerDate", "28-9-2010");
[46ohr41a.default] - Line Found : user_pref("CT2405280.FirstTime", true);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FirstTimeFF3", true);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FirstTimeSettingsDone", true);
[46ohr41a.default] - Line Found : user_pref("CT2405280.FixPageNotFoundErrors", true);
[46ohr41a.default] - Line Found : user_pref("CT2405280.GroupingServerCheckInterval", 1440);
[46ohr41a.default] - Line Found : user_pref("CT2405280.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
[46ohr41a.default] - Line Found : user_pref("CT2405280.Initialize", true);
[46ohr41a.default] - Line Found : user_pref("CT2405280.InitializeCommonPrefs", true);
[46ohr41a.default] - Line Found : user_pref("CT2405280.InstallationAndCookieDataSentCount", 2);
[46ohr41a.default] - Line Found : user_pref("CT2405280.InstallationType", "UnknownIntegration");
[46ohr41a.default] - Line Found : user_pref("CT2405280.InstalledDate", "Tue Sep 28 2010 06:36:38 GMT+0200");
[46ohr41a.default] - Line Found : user_pref("CT2405280.InvalidateCache", false);
[46ohr41a.default] - Line Found : user_pref("CT2405280.IsGrouping", false);
[46ohr41a.default] - Line Found : user_pref("CT2405280.IsMulticommunity", false);
[46ohr41a.default] - Line Found : user_pref("CT2405280.IsOpenThankYouPage", false);
[46ohr41a.default] - Line Found : user_pref("CT2405280.IsOpenUninstallPage", true);
[46ohr41a.default] - Line Found : user_pref("CT2405280.LanguagePackLastCheckTime", "Wed Dec 01 2010 18:34:49 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.LanguagePackReloadIntervalMM", 1440);
[46ohr41a.default] - Line Found : user_pref("CT2405280.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
[46ohr41a.default] - Line Found : user_pref("CT2405280.LastLogin_2.7.1.3", "Wed Dec 01 2010 18:34:48 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.LatestVersion", "2.7.2.0");
[46ohr41a.default] - Line Found : user_pref("CT2405280.Locale", "en-us");
[46ohr41a.default] - Line Found : user_pref("CT2405280.LoginCache", 4);
[46ohr41a.default] - Line Found : user_pref("CT2405280.MCDetectTooltipHeight", "83");
[46ohr41a.default] - Line Found : user_pref("CT2405280.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
[46ohr41a.default] - Line Found : user_pref("CT2405280.MCDetectTooltipWidth", "295");
[46ohr41a.default] - Line Found : user_pref("CT2405280.RadioIsPodcast", false);
[46ohr41a.default] - Line Found : user_pref("CT2405280.RadioLastCheckTime", "Wed Dec 01 2010 18:34:48 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.RadioLastUpdateIPServer", "3");
[46ohr41a.default] - Line Found : user_pref("CT2405280.RadioLastUpdateServer", "129167775315800000");
[46ohr41a.default] - Line Found : user_pref("CT2405280.RadioMediaID", "20503713");
[46ohr41a.default] - Line Found : user_pref("CT2405280.RadioMediaType", "Media Player");
[46ohr41a.default] - Line Found : user_pref("CT2405280.RadioMenuSelectedID", "EBRadioMenu_CT240528020503713");
[46ohr41a.default] - Line Found : user_pref("CT2405280.RadioStationName", "Virgin%20Radio%20Classic%20Rock");
[46ohr41a.default] - Line Found : user_pref("CT2405280.RadioStationURL", "hxxp://www.smgradio.com/core/audio/wmp/live.asx?service=vcbb");
[46ohr41a.default] - Line Found : user_pref("CT2405280.SavedHomepage", "hxxp://www.seznam.cz/");
[46ohr41a.default] - Line Found : user_pref("CT2405280.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2405280&octid=EB_ORIGINAL_CTID&SearchSource=1");
[46ohr41a.default] - Line Found : user_pref("CT2405280.SearchFromAddressBarIsInit", true);
[46ohr41a.default] - Line Found : user_pref("CT2405280.SearchInNewTabEnabled", true);
[46ohr41a.default] - Line Found : user_pref("CT2405280.SearchInNewTabIntervalMM", 1440);
[46ohr41a.default] - Line Found : user_pref("CT2405280.SearchInNewTabLastCheckTime", "Wed Dec 01 2010 18:34:47 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
[46ohr41a.default] - Line Found : user_pref("CT2405280.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
[46ohr41a.default] - Line Found : user_pref("CT2405280.SettingsCheckIntervalMin", 120);
[46ohr41a.default] - Line Found : user_pref("CT2405280.SettingsLastCheckTime", "Wed Dec 01 2010 18:34:47 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.SettingsLastUpdate", "1285607154");
[46ohr41a.default] - Line Found : user_pref("CT2405280.ThirdPartyComponentsInterval", 504);
[46ohr41a.default] - Line Found : user_pref("CT2405280.ThirdPartyComponentsLastCheck", "Wed Dec 01 2010 18:34:47 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.ThirdPartyComponentsLastUpdate", "1246790578");
[46ohr41a.default] - Line Found : user_pref("CT2405280.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
[46ohr41a.default] - Line Found : user_pref("CT2405280.UserID", "UN72414317277207475");
[46ohr41a.default] - Line Found : user_pref("CT2405280.WeatherNetwork", "");
[46ohr41a.default] - Line Found : user_pref("CT2405280.WeatherPollDate", "Wed Dec 01 2010 18:34:49 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CT2405280.WeatherUnit", "C");
[46ohr41a.default] - Line Found : user_pref("CT2405280.alertChannelId", "799768");
[46ohr41a.default] - Line Found : user_pref("CT2405280.clientLogIsEnabled", false);
[46ohr41a.default] - Line Found : user_pref("CT2405280.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
[46ohr41a.default] - Line Found : user_pref("CT2405280.myStuffEnabled", true);
[46ohr41a.default] - Line Found : user_pref("CT2405280.myStuffPublihserMinWidth", 400);
[46ohr41a.default] - Line Found : user_pref("CT2405280.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
[46ohr41a.default] - Line Found : user_pref("CT2405280.myStuffServiceIntervalMM", 1440);
[46ohr41a.default] - Line Found : user_pref("CT2405280.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
[46ohr41a.default] - Line Found : user_pref("CT2405280.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
[46ohr41a.default] - Line Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
[46ohr41a.default] - Line Found : user_pref("CommunityToolbar.ToolbarsList", "CT2405280");
[46ohr41a.default] - Line Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2405280");
[46ohr41a.default] - Line Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
[46ohr41a.default] - Line Found : user_pref("CommunityToolbar.alert.locale", "en");
[46ohr41a.default] - Line Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
[46ohr41a.default] - Line Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Dec 01 2010 18:34:46 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234");
[46ohr41a.default] - Line Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
[46ohr41a.default] - Line Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
[46ohr41a.default] - Line Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
[46ohr41a.default] - Line Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
[46ohr41a.default] - Line Found : user_pref("CommunityToolbar.alert.userId", "{6ba8a63e-3389-47e7-9cd6-abc44b9b485f}");
[46ohr41a.default] - Line Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Dec 01 2010 18:34:48 GMT+0100");
[46ohr41a.default] - Line Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2405280");
[46ohr41a.default] - Line Found : user_pref("aol_toolbar.surf.date", "124");
[46ohr41a.default] - Line Found : user_pref("aol_toolbar.surf.lastDate", "31");
[46ohr41a.default] - Line Found : user_pref("aol_toolbar.surf.lastMonth", "11");
[46ohr41a.default] - Line Found : user_pref("aol_toolbar.surf.lastYear", "2012");
[46ohr41a.default] - Line Found : user_pref("aol_toolbar.surf.month", "386");
[46ohr41a.default] - Line Found : user_pref("aol_toolbar.surf.prevMonth", "1730");
[46ohr41a.default] - Line Found : user_pref("aol_toolbar.surf.total", "8141");
[46ohr41a.default] - Line Found : user_pref("aol_toolbar.surf.week", "156");
[46ohr41a.default] - Line Found : user_pref("aol_toolbar.surf.year", "8066");
[46ohr41a.default] - Line Found : user_pref("de.soerenrinne.googlebuttons.userlist", "Mail,Reader,Web Search,Maps,Calendar,Wave,Dashboard,Google Shortcuts Settings,Translator Toolkit");
[46ohr41a.default] - Line Found : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&invocationType=tb50-ff-winamp-ab-en-us&tb_uuid=20120107064628703&tb_oid=07-01-2[...]
[46ohr41a.default] - Line Found : user_pref("extensions.engine@conduit.com.install-event-fired", true);
[46ohr41a.default] - Line Found : user_pref("extensions.mywebsearch.prevDefaultEngine", "Ask.com Search");
[46ohr41a.default] - Line Found : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
[46ohr41a.default] - Line Found : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=1272C9A9-87BB-454A-B9D1-E1F2DC0DE57A&apn_ptnrs=9M&apn_sauid=84F68340-D1B3-4[...]
[46ohr41a.default] - Line Found : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
[46ohr41a.default] - Line Found : user_pref("extensions.quick_start.enable_search1", false);
[46ohr41a.default] - Line Found : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=C3385AE3-A49F-48CC-94D8-D2D74D1B0487&n=77ee86ea&p2=^HJ^xdm073^YY^cz&si=pconverter");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.hp.enabled", false);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.hp.lastGuardTime", -1080786769);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.hp.numGuards", 1);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.hp.user.defined", true);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", "");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2012120810");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xdm073^YY^cz");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "pconverter");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", true);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "C3385AE3-A49F-48CC-94D8-D2D74D1B0487");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1384072632323");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", true);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", true);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", true);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", true);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.weather.location", "10001");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.browser.search.defaultenginename.prev", "Ask.com Search");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.browser.search.defaultenginename.savedPrev", "true");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.browser.search.defaultenginename.tb", "Ask Web Search");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.browser.search.selectedEngine.prev", "Google");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.browser.search.selectedEngine.savedPrev", "true");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.browser.search.selectedEngine.tb", "Ask Web Search");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.browser.startup.homepage.prev", "hxxps://www.seznam.cz/?clid=22668");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.browser.startup.homepage.savedPrev", "true");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.browser.startup.homepage.tb", "hxxp://home.tb.ask.com/index.jhtml?ptb=CBEBDCC4-CF05-4DBD-88D3-A07DDF63D89D&n=780d0ee8&p2=^AW7^xdm055^YYA^cz&si=YO_SA[...]
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.browser.startup.page.savedPrev", 1);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.browser.startup.page.tb", 1);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.browser.version.last", "34.0");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.firstKnownVersion", "6.83.5.42205");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=CBEBDCC4-CF05-4DBD-88D3-A07DDF63D89D&n=780d0ee8&p2=^AW7^xdm055^YYA^cz&si=YO_SAF_INTL_CZE_45");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.hp.enabled", false);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.hp.guardType", "HPR");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.hp.user.defined", true);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.initialized", true);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.installKeysSource", "LocalStorage");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.installType", "XPI");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.installation.contextKey", "");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.installation.installDate", "2014121704");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.installation.partnerId", "^AW7^xdm055^YYA^cz");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.installation.partnerSubId", "YO_SAF_INTL_CZE_45");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.installation.pixelUrl", "hxxp://download.safepcrepair.com/install_pixels.jhtml?partner=^AW7^xdm055^YYA^cz&sub_id=YO_SAF_INTL_CZE_45&coId=b5333684515[...]
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.installation.success", true);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.installation.toolbarId", "CBEBDCC4-CF05-4DBD-88D3-A07DDF63D89D");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.isCompliantUninstallImplementation", true);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.lastActivePing", "1418829769491");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.lastKnownVersion", "6.83.5.42205");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.options.defaultSearch", true);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.options.homePageEnabled", true);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.options.keywordEnabled", true);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.options.tabEnabled", true);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.partnerPixelFired", true);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.successUrl", "hxxp://download.safepcrepair.com/installComplete.jhtml");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.toolbar.ownSearch", false);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.toolbarCollapsed", false);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark._89Members_.weather.location", "10001");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar.mindspark.lastInstalled", "safepcrepair@mindspark.com");
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar@ask.com.install-event-fired", true);
[46ohr41a.default] - Line Found : user_pref("extensions.toolbar_ORJ-SPE@apn.ask.com.install-event-fired", true);
[46ohr41a.default] - Line Found : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[46ohr41a.default] - Line Found : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://search.winamp.com/search/search?query={searchTerms}&invocationType=tb50-ff-winamp-chromesbox-en-us&tb_uuid=20120107064628703&tb_[...]
[46ohr41a.default] - Line Found : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?st=6&barid={A8F623E3-4B5D-11E2-8E92-00241D69FBE4}");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.buttons.layout", "shoutcast_30026;mobile/android_33522;post_to_twitter_33500;post_to_facebook_33511;post_to_AIM_33511;");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.firsttime.showwindow", false);
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.guid", "{B607DCEF-E999-B587-5B54-EEEC048DB382}");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.install.lastTbVersion", "5.6.18.1");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.metrics.activestampdate", "31");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.metrics.activestampmonth", "11");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.metrics.activestampyear", "2012");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.metrics.originalDate", "7");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.metrics.originalHours", "6");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.metrics.originalMinutes", "52");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.metrics.originalMonth", "1");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.metrics.originalSeconds", "34");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.metrics.originalYear", "2012");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.remote.publish.xml", "1356882025051");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.search.cid", "07-01-2012");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.search.instd", "20120107064628703");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.search.oid", "07-01-2012");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.search.populateoncomplete", true);
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.search.searchtype", "web");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.search.source", "tb50-ff-winamp");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.skin.custom", true);
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.strbundle.msg", "Winamp Toolbar");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.upgrade.showwindow", false);
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.winamp.artist", "");
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.winamp.button.focus", true);
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.winamp.button.forward", true);
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.winamp.button.open", true);
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.winamp.button.pause", true);
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.winamp.button.play", true);
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.winamp.button.rewind", true);
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.winamp.button.stop", true);
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.winamp.button.volume", true);
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.winamp.ticker.show", true);
[46ohr41a.default] - Line Found : user_pref("winamp_toolbar.winamp.title", "-999999");

-\\ Google Chrome v39.0.2171.95

[C:\Users\MULTA\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://istart.webssearches.com/web/?typ ... QGAEMTA&q={searchTerms}
[C:\Users\MULTA\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://istart.webssearches.com/web/?typ ... QGAEMTA&q={searchTerms}
[C:\Users\MULTA\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://istart.webssearches.com/web/?typ ... QGAEMTA&q={searchTerms}
[C:\Users\MULTA\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://istart.webssearches.com/web/?typ ... QGAEMTA&q={searchTerms}

-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [41116 octets] - [18/12/2014 06:12:11]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [41177 octets] ##########
Win10/Pro; CPU-Ryzen 5/2600;AGP Asus Rog Strix B450 gaming;SSD-Kingston 240GB;RAM 8GB
GPU-GeForce GTX 1060 3G ;;zdroj Corsair 450W ;;

multa62
Level 2
Level 2
Příspěvky: 153
Registrován: únor 09
Bydliště: Havířov
Pohlaví: Muž
Stav:
Offline

Re: Win7 -pády PC

Příspěvekod multa62 » 18 pro 2014 07:00

Tak tady je ten poslední ( v příloze), doufám,že jsem vše provedl správně.Ale po odeslání to nikde nevidím,raději to zkopíruji a úpravou to vložím přímo sem.
Zdravím a děkuji za tvůj čas.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 18.12.2014
Čas skenování: 6:45:09
Protokol: sken.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2014.12.18.01
Databáze rootkitů: v2014.12.14.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: MULTA

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 301142
Uplynulý čas: 6 min, 32 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Vypnuto
PUM: Vypnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 0
(Žádné zákerné zjištěny položek)

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)
Win10/Pro; CPU-Ryzen 5/2600;AGP Asus Rog Strix B450 gaming;SSD-Kingston 240GB;RAM 8GB
GPU-GeForce GTX 1060 3G ;;zdroj Corsair 450W ;;

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Win7 -pády PC

Příspěvekod jaro3 » 18 pro 2014 10:14

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit

-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

multa62
Level 2
Level 2
Příspěvky: 153
Registrován: únor 09
Bydliště: Havířov
Pohlaví: Muž
Stav:
Offline

Re: Win7 -pády PC

Příspěvekod multa62 » 19 pro 2014 15:15

Tak posílám ,co jsi poradil:
# AdwCleaner v4.105 - Report created 19/12/2014 at 14:15:26
# Updated 08/12/2014 by Xplode
# Database : 2014-12-16.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : MULTA - MULTA-PC
# Running from : C:\Users\MULTA\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v34.0.5 (x86 cs)


-\\ Google Chrome v39.0.2171.95


-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [41258 octets] - [18/12/2014 06:12:11]
AdwCleaner[R1].txt - [41324 octets] - [19/12/2014 13:18:47]
AdwCleaner[R2].txt - [1559 octets] - [19/12/2014 13:26:09]
AdwCleaner[R3].txt - [842 octets] - [19/12/2014 14:15:26]
AdwCleaner[S0].txt - [45364 octets] - [19/12/2014 13:22:31]
AdwCleaner[S1].txt - [1458 octets] - [19/12/2014 13:28:06]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1022 octets] ##########
# AdwCleaner v4.105 - Report created 19/12/2014 at 15:00:03
# Updated 08/12/2014 by Xplode
# Database : 2014-12-16.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : MULTA - MULTA-PC
# Running from : C:\Users\MULTA\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\MULTA\AppData\Roaming\Mozilla\Firefox\Profiles\46ohr41a.default\invalidprefs.js

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v34.0.5 (x86 cs)


-\\ Google Chrome v39.0.2171.95


-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [41258 octets] - [18/12/2014 06:12:11]
AdwCleaner[R1].txt - [41324 octets] - [19/12/2014 13:18:47]
AdwCleaner[R2].txt - [1559 octets] - [19/12/2014 13:26:09]
AdwCleaner[R3].txt - [1102 octets] - [19/12/2014 14:15:26]
AdwCleaner[R4].txt - [2107 octets] - [19/12/2014 14:17:55]
AdwCleaner[S0].txt - [45364 octets] - [19/12/2014 13:22:31]
AdwCleaner[S1].txt - [1458 octets] - [19/12/2014 13:28:06]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [2288 octets] ##########
---------------------------------------------
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Ultimate x86
Ran by MULTA on p  19.12.2014 at 14:27:43,27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\driver genius
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{69F65D04-37ED-4F2E-9E42-63F379CEF5AF}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [Folder] C:\Users\MULTA\AppData\Roaming\mozilla\firefox\profiles\46ohr41a.default\conduitcommon
Successfully deleted: [Folder] C:\Users\MULTA\AppData\Roaming\mozilla\firefox\profiles\46ohr41a.default\winamptoolbardata
Successfully deleted the following from C:\Users\MULTA\AppData\Roaming\mozilla\firefox\profiles\46ohr41a.default\prefs.js

user_pref("CertifiedToolbar_2958.global.DisplayRecentSearches", "true");
user_pref("browser.search.defaulturl", "hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&");
user_pref("google.toolbar.search-icon", "data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7PT7/3zF6/9Ptu//RbHx/
user_pref("keyword.URL", "hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&");
Emptied folder: C:\Users\MULTA\AppData\Roaming\mozilla\firefox\profiles\46ohr41a.default\minidumps [40 files]


.........................................

RogueKiller V10.1.0.0 [Dec 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : MULTA [Práva správce]
Mód : Smazat -- Datum : 12/19/2014 14:50:32

¤¤¤ Procesy : 1 ¤¤¤
[Suspicious.Path] szndesktop.exe -- C:\Users\MULTA\AppData\Roaming\Seznam.cz\bin\szndesktop.exe[7] -> Zastaveno [TermProc]

¤¤¤ Registry : 15 ¤¤¤
[PUP] HKEY_LOCAL_MACHINE\RK_Software_ON_F_645C\Microsoft\Windows\CurrentVersion\Run | ApnTBMon : "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" -> Nevybráno
[Suspicious.Path] HKEY_USERS\S-1-5-21-1524368103-2908244886-999397183-1001\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.autoupdate : "C:\Users\MULTA\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7][x] -> Smazáno
[Suspicious.Path] HKEY_USERS\S-1-5-21-1524368103-2908244886-999397183-1001\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.szndesktop : "C:\Users\MULTA\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7][x] -> Smazáno
[PUP] HKEY_LOCAL_MACHINE\RK_System_ON_F_7980\ControlSet001\Services\APNMCP -> Nevybráno
[PUP] HKEY_LOCAL_MACHINE\RK_System_ON_F_7980\ControlSet003\Services\APNMCP -> Nevybráno
[PUM.HomePage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/?clid=22668 -> Nevybráno
[PUM.HomePage] HKEY_USERS\RK_Mamča_ON_F_E5B5\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nevybráno
[PUM.HomePage] HKEY_USERS\RK_Tata_ON_F_DEC2\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.daemon-search.com/default -> Nevybráno
[PUM.HomePage] HKEY_USERS\S-1-5-21-1524368103-2908244886-999397183-1001\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/?clid=22668 -> Nevybráno
[PUM.SearchPage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms} -> Nevybráno
[PUM.SearchPage] HKEY_USERS\RK_Mamča_ON_F_E5B5\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nevybráno
[PUM.Dns] HKEY_LOCAL_MACHINE\RK_System_ON_F_7980\ControlSet002\Services\Tcpip\Parameters\Interfaces\{19051CD3-1292-4A40-96F3-9070F6B5BF8F} | NameServer : 62.129.50.20,85.135.32.100 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nevybráno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\RK_Software_ON_F_645C\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nevybráno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nevybráno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nevybráno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 7 (Driver: Nahrán) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CREATE[0] : Unknown @ 0x855851f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x855851f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x855851f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x855851f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_POWER[22] : Unknown @ 0x855851f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x855851f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_PNP[27] : Unknown @ 0x855851f8

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] 46ohr41a.default : user_pref("browser.startup.homepage", "https://www.seznam.cz/?clid=22668"); -> Nahrazeno (about:home)

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST3500630AS ATA Device +++++
--- User ---
[MBR] 3c07197148addc8ff5a50e51f9afcb02
[BSP] 88af6ba6e4693a2b4266f6561c9caeef : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 100000 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 204800400 | Size: 376936 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WDC WD5000AAKS-22A7B0 ATA Device +++++
--- User ---
[MBR] 2dc97f1069f1dc2d90577f223960ed60
[BSP] ddb507835a68e0b6d86b3b0557b6b5ac : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 16065 | Size: 149989 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 307194930 | Size: 326940 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: WDC WD10EALS-00Z8A0 ATA Device +++++
--- User ---
[MBR] b688482f6e640a3475dd97cc0ffc6acf
[BSP] 60c6720f2f402f05fbdf4ad120837221 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 16065 | Size: 199988 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 409593240 | Size: 753870 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive3: Generic USB SD Reader +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive4: Generic USB CF Reader +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive5: Generic USB SM Reader +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive6: Generic USB MS Reader +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )


============================================
RKreport_SCN_12192014_144548.log

...............................................................................................
Pro tvou informaci-ty pády trvají.Ukecal jsem Jéžíška,aby mi koupil SSD disk.Na něj bych dal OS a data bych cpal do jiných disků.Ten co je na něm Win7 bych přeformátoval.Ale vtip je v tom,že ten ST disk na kterém mám WinXP,tak tam to padá taky,takže fakt nevím.
Win10/Pro; CPU-Ryzen 5/2600;AGP Asus Rog Strix B450 gaming;SSD-Kingston 240GB;RAM 8GB
GPU-GeForce GTX 1060 3G ;;zdroj Corsair 450W ;;


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 94 hostů