LOG - Apps just keep crashing

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

mimi973
Level 4
Posts: 1079
Registered: March 12
Gender: Male

LOG - Apps just keep crashing

Post by mimi973 » 22 May 2015 18:10

Hi, please check my log. Applications crash right after they start, whether it's Lolko (the game), MK JOGO (an app for the game), the Garmin app (the app for my sat-nav) and others... thanks for any advice.

I'm attaching the HJT log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:10:12, on 22.5.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
C:\PROGRA~2\Raptr\raptr.exe
C:\PROGRA~2\PlaysTV\playstv.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Program Files (x86)\KeyDominator1\KeyDominator1\KeyDominator1.exe
C:\Users\Bobo\AppData\Roaming\SpaceEngineers\Caches\mdm
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Bobo\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [PlaysTV] "C:\Program Files (x86)\PlaysTV\playstv_launcher.exe" --startup
O4 - HKCU\..\Run: [BloodyToneMaker] "C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe" Minimum
O4 - HKCU\..\Run: [BloodyKeyboard] "C:\Program Files (x86)\KeyDominator1\KeyDominator1\KeyDominator1.exe" Minimum
O4 - HKCU\..\Run: [SteelSeries Engine] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Bobo\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [MK LOL] "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
O4 - Startup: 526962672680771234s.lnk = C:\ProgramData\{4b427e72-f194-364b-4b42-27e72f19f9cb}\526962672680771234s.exe
O4 - Startup: Download PC Torrents - KickassTorrents.lnk = C:\ProgramData\{07a31bd7-2088-55d1-07a3-31bd72086f5c}\Download PC Torrents - KickassTorrents.exe
O4 - Global Startup: Canon LBP2900 Status Window.lnk = C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10213 bytes
PC:Sapphire Radeon R9 270X / I5 4670k / ASUS Z87-K / 8GB / 1000GB/ 620W / Zalman Z5 / Benq rl2455hm
MacBook Pro 14" 2021 M1
Iphone 14 Red
+Apple Watch Ultra / AirPods 1 / AirPods MAX
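As an added example (not code from this thread, from HijackThis or from the tools the helper recommends), the script below applies to the log above the checks a log reader would otherwise do by eye: autostart entries living in C:\ProgramData\{GUID}\ folders, a running process with no file extension under AppData\Roaming (the mdm entry), and the "(file missing)" tag on O23 services, which HijackThis 2.0.4 reports for built-in services such as lsass.exe that plainly exist on a running system. The rule set, the severity labels and the line subset used as input are my own assumptions.

```python
"""Heuristic triage of HijackThis 2.0.4 log lines (constructed example)."""
import re
from dataclasses import dataclass

# GUID-named folder directly under ProgramData, e.g. C:\ProgramData\{4b42...}\x.exe
PROGRAMDATA_GUID = re.compile(r"^C:\\ProgramData\\\{[0-9a-f-]{36}\}\\", re.IGNORECASE)
APPDATA_ROAMING = re.compile(r"\\AppData\\Roaming\\", re.IGNORECASE)
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")      # "O4 - ...", "O23 - ...", "R0 - ..."
MISSING = " (file missing)"


@dataclass
class Finding:
    severity: str   # "high" | "medium" | "info"
    line: str
    reason: str


def split_entry(line: str):
    """Return (code, rest). Plain lines under 'Running processes:' get code 'PROC'."""
    m = ENTRY.match(line)
    if m:
        return m.group(1), m.group(2)
    if re.match(r"^[A-Za-z]:\\", line):
        return "PROC", line
    return None, line


def extract_path(code: str, rest: str):
    """Pull the binary path out of a PROC, O4 or O23 entry; None for other sections."""
    if code == "PROC":
        return rest
    if code == "O23":
        # "Service: Name - Owner - C:\path\svc.exe (file missing)"
        path = rest.rsplit(" - ", 1)[-1]
        return path[:-len(MISSING)] if path.endswith(MISSING) else path
    if code == "O4":
        if rest.startswith(("Startup:", "Global Startup:")) and " = " in rest:
            return rest.split(" = ", 1)[1]                 # "x.lnk = C:\path\x.exe"
        tail = re.sub(r"^.*?\]\s+", "", rest, count=1)     # drop 'HKLM\..\Run: [Name] '
        if tail.startswith('"'):                           # quoted path, then arguments
            return tail[1:].split('"', 1)[0]
        m = re.match(r"(.*?\.exe)", tail, re.IGNORECASE)   # unquoted path, stop at .exe
        return m.group(1) if m else tail
    return None


def triage_line(line: str):
    """Apply the heuristics to one log line; return a Finding or None."""
    code, rest = split_entry(line)
    path = extract_path(code, rest) if code else None
    if not path:
        return None
    if PROGRAMDATA_GUID.match(path):
        return Finding("high", line,
                       "autostart from C:\\ProgramData\\{GUID}\\: typical bundled-adware drop location")
    basename = path.rsplit("\\", 1)[-1]
    if code in ("PROC", "O4") and APPDATA_ROAMING.search(path) and "." not in basename:
        return Finding("high", line, "process without a file extension under AppData\\Roaming")
    if code == "O23" and rest.endswith(MISSING):
        if rest.startswith("Service: @"):
            # Built-in Windows services carry resource-string names ("@...dll,-NNN").
            # HJT 2.0.4 reports many of these as missing on 64-bit Windows; verify on disk first.
            return Finding("info", line, "built-in service reported missing; verify before acting")
        return Finding("medium", line, "third-party service binary reported missing; verify on disk")
    return None


def triage_log(lines):
    """Run triage over a whole log; findings come back in log order."""
    return [f for f in (triage_line(l.rstrip()) for l in lines) if f]


# Constructed subset of the HJT log posted above.
SAMPLE_LOG = [
    r"C:\PROGRA~2\Raptr\raptr.exe",
    r"C:\Users\Bobo\AppData\Roaming\SpaceEngineers\Caches\mdm",
    r"C:\Users\Bobo\Desktop\HijackThis.exe",
    r'O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun',
    r'O4 - HKCU\..\Run: [uTorrent] "C:\Users\Bobo\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED',
    r"O4 - HKCU\..\Run: [SteelSeries Engine] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe",
    r"O4 - Startup: 526962672680771234s.lnk = C:\ProgramData\{4b427e72-f194-364b-4b42-27e72f19f9cb}\526962672680771234s.exe",
    r"O4 - Startup: Download PC Torrents - KickassTorrents.lnk = C:\ProgramData\{07a31bd7-2088-55d1-07a3-31bd72086f5c}\Download PC Torrents - KickassTorrents.exe",
    r"O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)",
    r"O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)",
    r"O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe",
]

if __name__ == "__main__":
    for f in triage_log(SAMPLE_LOG):
        print(f"[{f.severity:6}] {f.reason}\n         {f.line}")
```

On the sample subset this yields three high findings (the mdm process and the two ProgramData\{GUID} startup items), one medium (the AMD service) and one info (ALG); the uTorrent and SteelSeries entries are left alone.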

jerabina
Security team member
Level 6
Posts: 3647
Registered: March 13
Location: Litoměřice
Gender: Male

Re: LOG - Apps just keep crashing

Post by jerabina » 22 May 2015 21:36

Hi, next time paste the logs here as plain text.

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can delete the cache, cookies, history and other traces of Internet browsing. Supported browsers include Internet Explorer, Firefox and Opera. The application can also delete Windows temporary files, empty the Recycle Bin, etc.

- If you only use Google Chrome, you don't need to use ATF.

===================================================

Download TFC
Open the file and close all other windows, then click Start to begin the process. It shouldn't take long.
The PC should then restart; if it doesn't, restart it yourself.

===================================================

Download AdwCleaner (by Xplode)

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Scan"
After the scan a log appears (otherwise it is saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

===================================================

Download Malwarebytes' Anti-Malware
- During installation, untick "Enable free trial of Malwarebytes' Anti-Malware Premium"
Install and run it
- at the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program then starts; click Scan Now and
- when the scan finishes a message appears at the bottom right; click Copy to Clipboard and paste the whole log here.

- then click the Exit button; a message appears, choose Yes
(don't delete anything yet!).

If there are problems, run it in Safe Mode.
When you don't know what to do next, it's time to study the manual!
HJT guide

If I don't reply to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.

mimi973
Level 4
Posts: 1079
Registered: March 12
Gender: Male

Re: LOG - Apps just keep crashing

Post by mimi973 » 23 May 2015 21:47

ADW:
# AdwCleaner v4.101 - Report created 23/11/2014 at 11:09:09
# Updated 09/11/2014 by Xplode
# Database : 2014-11-22.1 [Live]
# Operating System : Windows 7 Ultimate (64 bits)
# Username : Cracked_folder - B-A-S-Z
# Running from : C:\Users\Cracked_folder\Desktop\adwcleaner_4.101.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Users\Cracked_folder\AppData\Roaming\LiveSupport.exe_log.txt
File Found : C:\Users\Cracked_folder\AppData\Roaming\regsvr32.exe_log.txt
File Found : C:\Windows\System32\roboot64.exe
Folder Found : C:\ProgramData\eSafe
Folder Found : C:\ProgramData\WindowsProtectManger
Folder Found : C:\Users\Cracked_folder\AppData\Local\Bundled software uninstaller
Folder Found : C:\Users\Cracked_folder\AppData\Local\CrashRpt
Folder Found : C:\Users\Cracked_folder\AppData\Roaming\PerformerSoft
Folder Found : C:\Users\Cracked_folder\AppData\Roaming\qone8
Folder Found : C:\Users\Cracked_folder\AppData\Roaming\SupTab
Folder Found : C:\Users\Cracked_folder\Documents\Optimizer Pro

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.dosearches.com/?utm_source=b ... 1383648591
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~1.DLL
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Found : HKCU\Software\Myfree Codec
Key Found : HKCU\Software\performersoft llc
Key Found : HKCU\Software\Popajar
Key Found : [x64] HKCU\Software\BI
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Myfree Codec
Key Found : [x64] HKCU\Software\performersoft llc
Key Found : [x64] HKCU\Software\Popajar
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{56FDF344-FD6D-11D0-958A-006097C9A090}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\eSafeSecControl
Key Found : HKLM\SOFTWARE\Myfree Codec
Key Found : HKLM\SOFTWARE\SupDp
Key Found : HKLM\SOFTWARE\SupTab
Key Found : HKLM\SOFTWARE\supWindowsProtectManger
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{56FDF344-FD6D-11D0-958A-006097C9A090}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [cmd]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16385

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.qone8.com/web/?type=ds&ts=14 ... 1D6Z62X&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.qone8.com/web/?type=ds&ts=14 ... 1D6Z62X&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.qone8.com/web/?type=ds&ts=14 ... 1D6Z62X&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.qone8.com/web/?type=ds&ts=14 ... 1D6Z62X&q={searchTerms}

-\\ Mozilla Firefox v


-\\ Google Chrome v39.0.2171.65

[C:\Users\Cracked_folder\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Cracked_folder\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://eu.wowarmory.com/search.xml?searchQuery={searchTerms}&searchType=all

-\\ Chromium v


*************************

AdwCleaner[R0].txt - [5760 octets] - [23/11/2014 11:09:09]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5820 octets] ##########
# AdwCleaner v4.205 - Logfile created 23/05/2015 at 21:13:50
# Updated 21/05/2015 by Xplode
# Database : 2015-05-21.2 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : Bobo - ZER0
# Running from : C:\Users\Bobo\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Found : C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
Folder Found : C:\ProgramData\{07a31bd7-2088-55d1-07a3-31bd72086f5c}
Folder Found : C:\ProgramData\{4b427e72-f194-364b-4b42-27e72f19f9cb}
Folder Found : C:\ProgramData\{8176cdb3-5950-fbe5-8176-6cdb359536cd}
Folder Found : C:\Users\Bobo\AppData\Roaming\OpenCandy
Folder Found : C:\Users\Bobo\AppData\Roaming\RHEng

***** [ Scheduled tasks ] *****

Task Found : Bidaily Synchronize Task

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v43.0.2357.65

[C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [7358 bytes] - [23/11/2014 12:09:09]
AdwCleaner[R1].txt - [5838 bytes] - [24/11/2014 17:14:39]
AdwCleaner[S0].txt - [6685 bytes] - [24/11/2014 17:21:33]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7535 bytes] ##########
MBAM:
Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 23.5.2015
Čas skenování: 21:27:51
Protokol:
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.05.23.03
Databáze rootkitů: v2015.05.16.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Bobo

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 384013
Uplynulý čas: 9 min, 11 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 1
Riskware.BitcoinMiner, C:\Users\Bobo\AppData\Roaming\SpaceEngineers\Caches\mdm, 832, , [d837d4c3d2b85ed86f2861ff837f2ad6]

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 2
PUP.Optional.OpenCandy, C:\Users\Bobo\AppData\Roaming\OpenCandy, , [858aa2f51f6bd3637734e5c427dc5ba5],
PUP.Optional.OpenCandy, C:\Users\Bobo\AppData\Roaming\OpenCandy\5D24D2584B564C599536648959F27226, , [858aa2f51f6bd3637734e5c427dc5ba5],

Soubory: 8
Riskware.BitcoinMiner, C:\Users\Bobo\AppData\Roaming\SpaceEngineers\Caches\mdm, , [d837d4c3d2b85ed86f2861ff837f2ad6],
PUP.Optional.MultiPlug, C:\ProgramData\{07a31bd7-2088-55d1-07a3-31bd72086f5c}\Download PC Torrents - KickassTorrents.exe, , [c24dd7c02f5bcc6aa8dcf55cc73bc33d],
PUP.Optional.MultiPlug, C:\ProgramData\{4b427e72-f194-364b-4b42-27e72f19f9cb}\526962672680771234s.exe, , [34dbbadd494138fee1ce86cf6c96f907],
PUP.Optional.ExpressFind.SID.A, C:\Users\Bobo\AppData\Roaming\OpenCandy\5D24D2584B564C599536648959F27226\setup0318.exe, , [1bf43b5cd9b1191d64c390d310f6ce32],
PUP.Optional.Multiplug.A, C:\Windows\System32\Tasks\Bidaily Synchronize Task, , [ff10e2b55832dd59c527dc9911f42bd5],
PUP.Optional.Multiplug.A, C:\Windows\System32\Tasks\Bidaily Synchronize Task[pr], , [9e71dfb893f7a591ffedc0b5e91c619f],
PUP.Optional.Multiplug.A, C:\Windows\Tasks\Bidaily Synchronize Task.job, , [7996fb9cb8d2f5410be26e079d68936d],
PUP.Optional.Multiplug.A, C:\Windows\Tasks\Bidaily Synchronize Task[pr].job, , [6fa0e3b47e0cdb5bb33a3c39cd38639d],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)
Last edited by Orcus on 25 May 2015 23:11, edited 1 time in total.
Reason: Spoiler removed. O.

jerabina
Security team member
Level 6
Posts: 3647
Registered: March 13
Location: Litoměřice
Gender: Male

Re: LOG - Apps just keep crashing

Post by jerabina » 23 May 2015 21:50

Hi, the first AdwCleaner log is from 23 Nov 2014; the second one is the right one.

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Scan", and after the scan click "Clean".

The program performs the fix; after the automatic restart it shows a log (C:\AdwCleaner[S?].txt); paste its entire contents here.

Run MBAM again and click Scan Now
- when the scan finishes a message appears; click "Quarantine All (remove selected)" and then "Export Log", choose "Text file", give the file a name and save it somewhere. Copy the entire contents of that log here.

Download Junkware Removal Tool by Thisisu

to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program starts scanning. The scan may take a long time, depending on the amount of infection. When the scan finishes a log (JRT.txt) appears and is saved on the desktop.
Please copy its entire contents here.

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7 run RogueKiller.exe as administrator; on XP by double-clicking.
- wait until the Prescan (search for malicious processes) finishes.
- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still won't run and work, rename it to winlogon.exe.

mimi973
Level 4
Posts: 1079
Registered: March 12
Gender: Male

Re: LOG - Apps just keep crashing

Post by mimi973 » 23 May 2015 22:09

ADW:
# AdwCleaner v4.101 - Report created 24/11/2014 at 16:21:33
# Updated 09/11/2014 by Xplode
# Database : 2014-11-24.1 [Live]
# Operating System : Windows 7 Ultimate (64 bits)
# Username : Cracked_folder - B-A-S-Z
# Running from : C:\Users\Cracked_folder\Desktop\adwcleaner_4.101.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\eSafe
[!] Folder Deleted : C:\ProgramData\WindowsProtectManger
[!] Folder Deleted : C:\Users\Cracked_folder\AppData\Local\Bundled software uninstaller
[!] Folder Deleted : C:\Users\Cracked_folder\AppData\Local\CrashRpt
[!] Folder Deleted : C:\Users\Cracked_folder\AppData\Roaming\PerformerSoft
[!] Folder Deleted : C:\Users\Cracked_folder\AppData\Roaming\qone8
[!] Folder Deleted : C:\Users\Cracked_folder\AppData\Roaming\SupTab
[!] Folder Deleted : C:\Users\Cracked_folder\Documents\Optimizer Pro
File Deleted : C:\END
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Cracked_folder\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\Cracked_folder\AppData\Roaming\regsvr32.exe_log.txt

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spúšťač aplikácií Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Any.do.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Cracked_folder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
Shortcut Disinfected : C:\Users\Cracked_folder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Cracked_folder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Cracked_folder\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Cracked_folder\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (64-bit).lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [cmd]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\performersoft llc
Key Deleted : HKCU\Software\Popajar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\eSafeSecControl
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsProtectManger
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~1.DLL

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16385

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v


-\\ Google Chrome v39.0.2171.65

[C:\Users\Cracked_folder\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Cracked_folder\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://eu.wowarmory.com/search.xml?searchQuery={searchTerms}&searchType=all

-\\ Chromium v

[C:\Users\Cracked_folder\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Cracked_folder\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://eu.wowarmory.com/search.xml?searchQuery={searchTerms}&searchType=all

*************************

AdwCleaner[R0].txt - [5944 octets] - [23/11/2014 11:09:09]
AdwCleaner[R1].txt - [5838 octets] - [24/11/2014 16:14:39]
AdwCleaner[S0].txt - [6525 octets] - [24/11/2014 16:21:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6585 octets] ##########

# AdwCleaner v4.205 - Logfile created 23/05/2015 at 22:01:08
# Updated 21/05/2015 by Xplode
# Database : 2015-05-21.2 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : Bobo - ZER0
# Running from : C:\Users\Bobo\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\{07a31bd7-2088-55d1-07a3-31bd72086f5c}
Folder Deleted : C:\ProgramData\{4b427e72-f194-364b-4b42-27e72f19f9cb}
Folder Deleted : C:\ProgramData\{8176cdb3-5950-fbe5-8176-6cdb359536cd}
Folder Deleted : C:\Users\Bobo\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Bobo\AppData\Roaming\RHEng
File Deleted : C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Deleted : C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ Scheduled tasks ] *****

Task Deleted : Bidaily Synchronize Task

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v43.0.2357.65

[C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [7614 bytes] - [23/11/2014 12:09:09]
AdwCleaner[R1].txt - [7369 bytes] - [24/11/2014 17:14:39]
AdwCleaner[R2].txt - [1729 bytes] - [23/05/2015 22:00:45]
AdwCleaner[S0].txt - [8300 bytes] - [24/11/2014 17:21:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8359 bytes] ##########
**
MBAM:
Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan date: 23.5.2015
Scan time: 22:09:53
Log file: logg.txt
Administrator: Yes

Version: 2.01.6.1022
Malware database: v2015.05.23.03
Rootkit database: v2015.05.16.01
License: Trial
Malware protection: Enabled
Malicious website protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File system: NTFS
User: Bobo

Scan type: Threat scan
Result: Completed
Objects scanned: 384135
Time elapsed: 9 min, 30 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry keys: 0
(No malicious items detected)

Registry values: 0
(No malicious items detected)

Registry data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.Multiplug.A, C:\Windows\System32\Tasks\Bidaily Synchronize Task[pr], Quarantined, [17f8fc9b5b2f3402bb31da9b32d35da3],
PUP.Optional.Multiplug.A, C:\Windows\Tasks\Bidaily Synchronize Task[pr].job, Quarantined, [df300f886723a492db12fd78b451a957],

Physical sectors: 0
(No malicious items detected)


(end)
***
jrt:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.8 (05.23.2015:2)
OS: Windows 8.1 Pro x64
Ran by Bobo on so 23.05.2015 at 22:27:26,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 23.05.2015 at 22:28:23,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
****
RK:
RogueKiller V10.6.5.0 (x64) [May 20 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Bobo [Administrator]
Started from : C:\Users\Bobo\Desktop\RogueKillerX64.exe
Mode : Scan -- Date : 05/23/2015 22:35:45

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 8 ¤¤¤
[PUM.Orphan] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> Found
[PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> Found
[Troj.Generic] (X64) HKEY_USERS\S-1-5-21-4076773374-1843248530-2627806815-1001\Software\Microsoft\Windows\CurrentVersion\Run | MK LOL : "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto [7][x] -> Found
[Troj.Generic] (X86) HKEY_USERS\S-1-5-21-4076773374-1843248530-2627806815-1001\Software\Microsoft\Windows\CurrentVersion\Run | MK LOL : "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto [7][x] -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found

¤¤¤ Tasks : 1 ¤¤¤
[Suspicious.Path] \\MdmUpdateTaskMachineCore -- "C:\Users\Bobo\AppData\Roaming\SpaceEngineers\Caches\mdm" (overbtc12.) -> Found

¤¤¤ Files : 2 ¤¤¤
[Suspicious.Path][File] 526962672680771234s.lnk -- C:\Users\Bobo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\526962672680771234s.lnk [LNK@] C:\ProgramData\{4b427e72-f194-364b-4b42-27e72f19f9cb}\526962672680771234s.exe --startup=1 -> Found
[Suspicious.Path][File] Download PC Torrents - KickassTorrents.lnk -- C:\Users\Bobo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download PC Torrents - KickassTorrents.lnk [LNK@] C:\ProgramData\{07a31bd7-2088-55d1-07a3-31bd72086f5c}\Download PC Torrents - KickassTorrents.exe --startup=1 -> Found

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST1000DM003-1CH162 +++++
--- User ---
[MBR] 19b1f35a2c6aa20e8b9f3d0ea4816cd3
[BSP] 64fcb7b3e63aea0a9a82e00c1fc5f7b1 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Samsung G3 Station USB Device +++++
--- User ---
[MBR] 5eb5fe2e60700db79b268412e702c829
[BSP] 4676fcf32a02f59e857c2384624d9810 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 16 | Size: 1400532 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 2868290480 | Size: 30266 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )
Last edited by Orcus on 25 May 2015 23:11, edited 1 time in total.
Reason: Spoiler removed. O.
PC:Sapphire Radeon R9 270X / I5 4670k / ASUS Z87-K / 8GB / 1000GB/ 620W / Zalman Z5 / Benq rl2455hm
MacBook Pro 14" 2021 M1
Iphone 14 Red
+Apple Watch Ultra / AirPods 1 / AirPods MAX

jerabina (Security team member)

Re: LOG-Appky proste padajúú

Post by jerabina » 24 May 2015 09:46

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) and any external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until the Prescan finishes its work...
- Then click "Scan"; when it finishes:
- In the tabs (Registry, Tasks, Web Browser etc.) tick everything (add the check marks)
(you have to click the checkbox to the left of each registry entry etc.)
- Click "Delete"
- Wait until the Status box shows "Deletion finished"
- Click "Report" and copy and paste the contents of that report here, please. The log can also be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Disable your antivirus
Download
Zoek.exe

and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, 7 and 8, right-click it and choose "Run as administrator")
- note: the program may take a while to start.

Paste the script below into the program window:


autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


click Run Script
The program will run a scan and a repair; both can take several minutes, so wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.

After the restart you may see only a black desktop for a while; that is normal. Wait until the log is created. You can save it, for example, to your documents; otherwise it is saved automatically to:
C:\zoek-results.log
Paste the whole contents of that log here.

Post a new HJT log + report on the problems.

mimi973

Re: LOG-Appky proste padajúú

Post by mimi973 » 25 May 2015 20:33

Zoek:
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Bobo on po 25.05.2015 at 17:11:38,41.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Bobo\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

25.5.2015 17:13:38 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Focus Home Interactive deleted successfully
C:\PROGRA~2\InstallJammer Registry deleted successfully
C:\PROGRA~2\Origin Games deleted successfully
C:\PROGRA~2\Rockstar Games deleted successfully
C:\Program Files\Rockstar Games deleted successfully
C:\PROGRA~3\ALM deleted successfully
C:\Users\Bobo\AppData\Local\VirtualStore deleted successfully
C:\Users\bobo_2\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\Focus Home Interactive not found
C:\PROGRA~2\InstallJammer Registry not found
C:\PROGRA~2\Origin Games not found
C:\PROGRA~2\Rockstar Games not found
C:\PROGRA~2\Mortal Kombat X Premium Edition deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
"C:\Users\Bobo\AppData\Local\{7997D25F-1D89-4212-8813-F405E39A8568}" deleted

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\bobo_2\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

HD for YouTube™ - Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf
AdBlock - Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Bookmark Manager - Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Hľadať v Google - Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfpjmkngecpnnajkmdhplmeoelenkpgk
Universe - Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\oecmlnmneeeeiccpcohlffnipjhngmdk

==== Chromium Startpages ======================

C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Preferences
.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"google":{"services":{"last_username":"bojcukm007@gmail.com","username":"bojcukm007@gmail.com"}},"homepage":"http://www.google.com/","homepage_is_newtabpage":true,"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"5713C4AA73B7183149EA0A4834DDB58482FE29CEDE919DAE93711D9AA5FFEFC1"},"default_search_provider":{"keyword":"2850781977F0FA607F83D3E982E07062BBFB56B68D4C51733C808C8DD3BF2989","name":"91EEA62CBA499573A9994ADBF9BB763BCEB73A310FF2613670A046BE8548F19F","search_url":"E243F7004054F51F17D45D0AC9B8D3AD54085F552C9D62A6F180A589AE9D3E75"},"default_search_provider_data":{"template_url_data":"E4A4715CE6954B90CF6A9EFEFCA671ACAE05A090D8961C3855BE368191FADE03"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":"45CB16F28E56C55ACFDF11414C0FB5D42AABA7838135AE60A276677C38B0923F","akjbfncbadcmnkopckegnmjgihagponf":"7A0A6A26244CD2BA942139AFF5576AB45892C7EA28226B3F70AB92A7288CE106","aohghmighlieiainnegkcijnfilokake":"8B344E86621EDECB47A98C34A2AA8EB198A71EDBB4A836FE815EFE118B87CCA8","apdfllckaahabafndbhieahigkjlhalf":"7C04F292D7FAD979CAB48A8F3A986D80915C7EA346EC8162449B22FB4061163E","bepbmhgboaologfdajaanbcjmnhjmhfn":"94E4570473FD840733DA42BD6039DF7998A956E2575B952A8D85048483C55C12","blpcfgokakmgnkcojhhkbfbldkacnbeo":"79790AC618FFE67720F808022C8691E0890500D14E98092F8A01F19578F2CF07","cmedhionkhpnakcndndgjdbohmhepckk":"32B8BB24ADE635C1F797963878E2B273029F6C8A88166EC6C242E7BF41E41A18","coobgpohoikkiipiblmjeljniedjpjpf":"6283271C72F17B5C320A966C39315752AC24D5B99AA043D81042358DE3D491DE","eemcgdkfndhakfknompkggombfjjjeno":"E3EE036EA4DA2A760A9859EE1678CB0AA558D1C6F02CCE66D244BA7DEFB9EA59","ennkphjdgehloodpbhlhldgbnhmacadg":"C08065CED6C474FCF74FC3B6D3CF8916A2EA8FCD8A210F658E6C3E226482069E","gbchcmhmhahfdphkhkmpfmihenigjmpp":"0AAEBE2
1F7616639BC988683F6AA3E12C2357A1FC152441F561F7F5D8C33DC54","gfdkimpbcpahaombhbimeihdjnejgicl":"EB7764DC5579F69ED6FDF4702A60A20BBCD7429DC528FE1EF7D2779F51450490","gighmmpiobklfepjocnamgkkbiglidom":"7B7A03B2DD378A1EA6A58A590ADC4E99C20E0A7B334EBDD24A8323C4AE89E355","gmlllbghnfkpflemihljekbapjopfjik":"EA64D1A2D227F6273A69FA8BF0995B59A3EA474F9F5C19C84563F313BB065AD7","hekhdfjankbhklfkjmnmnefcacndeoll":"A02F03D1D5BAE9ED049FC49B0466D7457240626991BFF7187B8637B0F0C64478","ifphbghhodpimajnjejgjlfcjmnnkhci":"0910D45C9AC4E38C9DC7B847FBCC62E6786C4CC002CC346446C8C8528BBBCCA9","kmendfapggjehodndflmmgagdbamhnfd":"9466B40371E81A302EC2E9E178C20D78B8BB4845C15C237BE6DD1542FFC9FC7F","mfehgcgbbipciphmccgaenjidiccnmng":"41C7589EAD2A1471BB7F52B1CFDC81926BCCA78AEBAAAADA07FE3ED37DB33403","mfffpogegjflfpflabcdkioaeobkgjik":"BE2BCEDEDA6B94E5DC604340AA4F855BB734A6656CE9F91AF0AFFEF8AD9C302F","mfpjmkngecpnnajkmdhplmeoelenkpgk":"8A58304890D299338D665F5EC0B925959FE739223F8B30353C704AD54D651E7F","mgndgikekgjfcpckkfioiadnlibdjbkf":"C8E2ACADA3529DC2A5B5FBB1A37775314D490AF8F8E69370401B20B01EF86495","mhjfbmdgcfjbbpaeojofohoefgiehjai":"07D7FCBA67571A10EB5C01A31EEABDF990BB910AC8313CD7F5A5D312E5207B42","neajdppkdcdipfabeoofebfddakdcjhd":"894E8F7C644EC648FE724365C007A1ECAB386DB3319D4FF7760C9DE9EA8C7292","nkeimhogjdpnpccoofpliimaahmaaome":"C41B55280AA78331CEB20E40222BDD08DEEF78BE3D7D632F689462F20C75238B","nmmhkkegccagdldgiimedpiccmgmieda":"962254931D683C02B4391AAFC29DC31A29601C78CDD889F365B8944E6D7B4442","npfkoakaabdallkcdbpkkhfilkkngakh":"47C9E433F4E9C1B7C4B0FC05835F42C33DE43A3B97E2DE35E43202C061C8A915","oecmlnmneeeeiccpcohlffnipjhngmdk":"7D88A61FF347C7581034502ED58684A47FBC3BF39A4839D1481233B371F1E4A4","oehpjpccmlcalbenfhnacjeocbjdonic":"FFDD17C95D948CD997A3A4A8B83C6879CB54F38FD84E57AF3350FB63F1C9438C","pjkljhegncpnkpknbcohdijeoejaedia":"11E7F0FB6E2E4329457290F33DE8C236033734EA907F76E0BE69C26B5905E24B"}},"google":{"services":{"last_username":"F849F373A30F5A4904ADDC7E05935C4BDD0C5A825FBC733208838AEDB75332D3
","username":"8757C46817CC5EF332B004653B2223A721BF2C01EE00C5DAC195C71E11AB1027"}},"homepage":"E563192EFB964783FA8E1F72329A463F9D00C790B782F4ACCC86C4B10D8F7604","homepage_is_newtabpage":"2ED0E17463F6AE1F0D84DA81E685D034F3A332D71A34B3F97931D94358D2F895","pinned_tabs":"7FB31DDD04276419A5F0FD2B285B7FB82D48BC63FE450E2156664CE756A66B76","prefs":{"preference_reset_time":"BB9E1DB13399D4349572B473F04C6702FAC5D7197DD00F8EF08D000033A6C9D3"},"profile":{"reset_prompt_memento":"98A21C26621624B031CAB7C6A9365D3D9358F903A9FA7AD1F13854135FA076AC"},"safebrowsing":{"incidents_sent":"9A3D7FEB7EAADAE1BC91E05AD2350F32B0DC907E510964255BF402A0D3778ADF"},"search_provider_overrides":"1D8B6E0C0B7EB3C78362893DB52152F05E185D54622E45260CEE28B159A96F07","session":{"restore_on_startup":"12AC6EF4B38C7B41FC52A8D8BD4A427338A98E794BFAD7511D0C899CA1C8391F","startup_urls":"5485D7A21484CEDADE443E182D091D7554852DD9E0969D82CF04C0B13977893A"},"software_reporter":{"prompt_reason":"AA6A2CA5AAFECE50ACD9BE28D3CA1B767D5218C44420E80E2DDF697092605F78","prompt_seed":"5C441A4133003D0567CE43AD413A04E11AE763061432EFAD60F2A36392C90EB7","prompt_version":"9A59E7D8DE136D1BC87A899E6CCD1017B3C874F96B68414D0FFAAA685800C140"},"sync":{"remaining_rollback_tries":"F7498C93AADE14DEAB3EFF59A47A25A8FD7A3B45A9C38277C993B036E09CC23C"}},"super_mac":"40E3908F83423C0484620A6CBD8DD264DA1AD637C24BBC33BBEF6A738F2FFE98"},"session":{"restore_on_startup":4,"startup_urls":["https://www.facebook.com/","http://147.32.8.168/","http://gmet.edupage.org/","http://www.yahoo.com/","http://www.youtube.com/","http://eune.leagueoflegends.com/cs"]},"sync":{"remaining_rollback_tries":0}}


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
"Old Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
"Old Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Bobo\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Bobo\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Bobo\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Bobo\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2370 folders=262 36052504375 bytes)

==== Empty Temp Folders ======================

C:\Users\Bobo\AppData\Local\Temp will be emptied at reboot
C:\Users\bobo_2\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Bobo\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 25.05.2015 at 20:26:16,74 ======================
Last edited by Orcus on 25 May 2015 23:10, edited 1 time in total.
Reason: Spoiler removed. O.

Orcus (Security team member)

Re: LOG-Appky proste padajúú

Post by Orcus » 25 May 2015 23:09

Don't put logs in a spoiler. Thanks.

Where is the HJT log? I don't see any information about the problems either.

mimi973

Re: LOG-Appky proste padajúú

Post by mimi973 » 26 May 2015 12:33

Why not put logs in a spoiler? The apps no longer crash, but there is still a problem: when I shut the PC down normally, the mouse stays lit up :shock:

PC switched off:

https://dl-web.dropbox.com/get/Camera%20Uploads/2015-05-24%2022.40.59.jpg?_subject_uid=196428788&w=AACxyBk1zd1pMd7zc8FdgvzZ5Gq48x8hqCUQpfH5Ju_PAA

PC switched on:

https://dl-web.dropbox.com/get/Camera%20Uploads/2015-05-24%2022.41.10.jpg?_subject_uid=196428788&w=AABI6uocHEDrqtelE7uzeQD3IhSFL-9v9sSv1uTd8Jqiow

The mouse is a SteelSeries SENSEI, and the rest of my build is below the line in my signature.

HJT LOG:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:31:50, on 26.5.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
C:\Program Files (x86)\KeyDominator1\KeyDominator1\KeyDominator1.exe
C:\PROGRA~2\PlaysTV\playstv.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Bobo\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [PlaysTV] "C:\Program Files (x86)\PlaysTV\playstv_launcher.exe" --startup
O4 - HKLM\..\Run: [AdobeCEPServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [BloodyToneMaker] "C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe" Minimum
O4 - HKCU\..\Run: [BloodyKeyboard] "C:\Program Files (x86)\KeyDominator1\KeyDominator1\KeyDominator1.exe" Minimum
O4 - HKCU\..\Run: [SteelSeries Engine] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Bobo\Downloads\uTorrent.exe" /MINIMIZED
O4 - Global Startup: Canon LBP2900 Status Window.lnk = C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9690 bytes
PC:Sapphire Radeon R9 270X / I5 4670k / ASUS Z87-K / 8GB / 1000GB/ 620W / Zalman Z5 / Benq rl2455hm
MacBook Pro 14" 2021 M1
Iphone 14 Red
+Apple Watch Ultra / AirPods 1 / AirPods MAX

jerabina
Security team member
Level 6
Posts: 3647
Registered: March 13
Location: Litoměřice
Gender: Male
Status: Offline

Re: LOG-Apps just keep crashing

Post by jerabina » 26 May 2015 16:11

Hi, my colleagues find logs easier to read when they are pasted in the normal way. Please respect that.

At system startup you have unnecessary applications launching that slow down the boot; should I disable them? They are:
PlaysTV, Steam, Daemon Tools Lite and uTorrent.

As for the mouse, the issue is that most motherboards keep a 5 V standby voltage even after shutdown, which is there to allow a quick wake-up via the mouse/keyboard.
It should be possible to disable this function in the BIOS, in the Power Management section.
Alternatively, just unplug the computer from the outlet / switch it off at the back of the case ...
When you don't know how to proceed, it's time to read the manual!
HJT guide

If I don't reply in your threads in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.

mimi973
Level 4
Posts: 1079
Registered: March 12
Gender: Male
Status: Offline

Re: LOG-Apps just keep crashing

Post by mimi973 » 26 May 2015 22:49

You can disable all of them except PLAYSTV, please. OK, I'll post the logs normally here from now on. And could you describe more precisely how to disable the mouse via the BIOS, please? Thanks

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: LOG-Apps just keep crashing

Post by jaro3 » 27 May 2015 10:05

Close all other applications and browsers, disconnect from the internet, and fix these in HJT:
Guide

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Bobo\Downloads\uTorrent.exe" /MINIMIZED


Close all programs and browsers. Disable the antivirus and firewall.
Please disconnect all USB devices (except mouse and keyboard) and external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP double-click to run).
- Wait until the Prescan finishes its work...
- Then click "Scan"; when it finishes:

- In the tabs (Registry, Tasks, Web Browser etc.) tick everything (put check marks)
(you have to put a check mark in the box to the left of the registry entry etc.)


- Click "Delete"
- Wait until the Status box shows "Deletion completed"
- Click "Report" and copy and paste the contents of that report here, please. The log can also be found as RKreport[number].txt on the desktop.
- Close RogueKiller

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After launch the terms of use are displayed; confirm them by clicking Yes
- Then follow the instructions; while ComboFix is running, do not click inside the window it shows
- When the scan finishes the program should create a log, C:\ComboFix.txt; please copy its whole content here
If there are problems, run it in Safe Mode.

Warning: It may happen that after running ComboFix and restarting the computer, Windows does not boot, the desktop does not load, or there are connection problems. In that case restart the computer again; if that doesn't help, press F8 during the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MBAM, SDFix etc., close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
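Both replies above work through the same two kinds of HijackThis lines: the O4 autorun entries (the startup programs jerabina offers to disable, and the uTorrent entry in jaro3's fix list, which runs straight out of the user's Downloads folder) and the O23 service entries, most of which are built-in Windows services reported as "Unknown owner" and "(file missing)". The following triage script is an added example written for this page; it is not part of either post and not part of HijackThis. The parsing and the verdicts are my own heuristics, and the sample lines are copied from the log and the fix list in this thread. Two assumptions are built in: an autorun whose executable lives under C:\Users, Temp or Downloads is worth checking before it is simply "fixed" as startup bloat, and a "(file missing)" on a service under C:\WINDOWS\system32 or a Windows component folder under Program Files (x86) is the known behaviour of the 32-bit HijackThis 2.0.4 on 64-bit Windows (the paths in this log are Program Files (x86) paths), where file-system redirection makes it look in SysWOW64, so those entries are not evidence of anything missing or malicious.

```python
"""Triage of HijackThis O4 (autorun) and O23 (service) log lines.

Added example for this page, not part of the forum posts or of HijackThis.
The rules are my own heuristics; SAMPLE_LOG is constructed from lines
quoted in this thread.
"""
import re
from dataclasses import dataclass
from typing import List, Optional

# O4 - HKCU\..\Run: [uTorrent] "C:\Users\Bobo\Downloads\uTorrent.exe" /MINIMIZED
O4_RE = re.compile(
    r'^O4 - (?P<hive>HK(?:LM|CU))\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$')
# O23 - Service: <display name> - <owner> - <path>[ (file missing)]
O23_RE = re.compile(
    r'^O23 - Service: (?P<display>.+?) - (?P<owner>.+?) - '
    r'(?P<path>[A-Za-z]:\\.+?)(?P<missing> \(file missing\))?$')
# First token of a command line: a quoted path, or a bare path up to whitespace.
EXE_RE = re.compile(r'^"(?P<q>[^"]+)"|^(?P<bare>\S+)')

# Locations an unprivileged user can write to (assumption: an autorun from
# here deserves a look before it is dismissed as startup bloat).
USER_WRITABLE = ('c:\\users\\', '\\temp\\', '\\downloads\\')
# Locations a 32-bit HijackThis 2.0.4 on 64-bit Windows reads through WOW64
# file-system redirection, so existing files are reported as "(file missing)".
WOW64_REDIRECTED = ('c:\\windows\\system32\\',
                    'c:\\program files (x86)\\windows defender\\',
                    'c:\\program files (x86)\\windows media player\\')


@dataclass
class Finding:
    kind: str      # "O4" or "O23"
    name: str      # Run value name or service display name
    path: str      # executable path as logged
    verdict: str   # short triage verdict


def exe_from_command(cmd: str) -> str:
    """Return the executable part of a Run-key command line."""
    m = EXE_RE.match(cmd.strip())
    return (m.group('q') or m.group('bare')) if m else cmd


def triage_line(line: str) -> Optional[Finding]:
    """Classify one HJT line; returns None for lines that are not O4/O23."""
    m = O4_RE.match(line)
    if m:
        exe = exe_from_command(m.group('cmd'))
        if any(marker in exe.lower() for marker in USER_WRITABLE):
            verdict = 'autorun from user-writable path: verify before removing'
        else:
            verdict = 'autorun from program directory: startup bloat at most'
        return Finding('O4', m.group('name'), exe, verdict)
    m = O23_RE.match(line)
    if m:
        path, missing = m.group('path'), bool(m.group('missing'))
        if missing and path.lower().startswith(WOW64_REDIRECTED):
            verdict = 'built-in service; "file missing" is the 32-bit HJT WOW64 artefact'
        elif m.group('owner') == 'Unknown owner':
            verdict = 'unknown owner outside Windows folders: review'
        else:
            verdict = 'vendor service: nothing to do'
        return Finding('O23', m.group('display'), path, verdict)
    return None


def triage(log: str) -> List[Finding]:
    """Run triage_line over a whole log and keep the O4/O23 findings."""
    return [f for f in (triage_line(l) for l in log.splitlines()) if f]


# Constructed sample: lines taken from the log and fix list in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Bobo\Downloads\uTorrent.exe" /MINIMIZED
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
"""

if __name__ == '__main__':
    for f in triage(SAMPLE_LOG):
        print(f'{f.kind:<4}{f.name[:45]:<46}{f.verdict}')
```

Run it as a script to print one verdict per line; the only entry it asks you to look at before removing is the uTorrent autorun, because it runs from Downloads, while the "(file missing)" services are reported as the HJT artefact rather than as something to fix. Confirm that on the machine itself by checking that C:\Windows\System32\fxssvc.exe exists from a 64-bit shell.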

