Odinstalace Vipre internet security Vyřešeno

[bbdra]

Po odinstalování softwaru mi zůstaly některé soubory a nastavení stále v mém počítači, má to za následek to, že nemohu nainstalovat nový AV. Prosím o pomoc.

Tady je návod jak na to: https://threattrack.freshdesk.com/suppo ... 1000070702

[Reklama]

[bbdra]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:12:27, on 11. 3. 2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)


Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Comodo\Chromodo\chromodo_updater.exe
C:\Program Files\NETGATE\FortKnox Personal Firewall\FortKnox.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\KaraokeSer.exe
C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler.exe
C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files\Skype\Phone\skype.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\1234\Plocha\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: (no name) - {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} - (no file)
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - (no file)
O4 - HKLM\..\Run: [ProductUpdater] C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
O4 - HKLM\..\Run: [FortKnoxPersonalFirewall] "C:\Program Files\NETGATE\FortKnox Personal Firewall\FortKnoxGUI.exe"
O4 - HKLM\..\Run: [SBAMTray] "C:\Program Files\VIPRE\SBAMTray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe" /auto
O4 - HKCU\..\Run: [SpyEmergency] C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: COMODO Chromodo Update Service (ChromodoUpdater) - Comodo - C:\Program Files\Comodo\Chromodo\chromodo_updater.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: FortKnox Personal Firewall (fortknox) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\FortKnox Personal Firewall\FortKnox.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: VIA Karaoke digital mixer Service (KaraokeService) - VIA Technologies, Inc. - C:\WINDOWS\system32\KaraokeSer.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: AntiMalware (SBAMSvc) - Unknown owner - C:\Program Files\VIPRE\SBAMSvc.exe (file missing)
O23 - Service: Spy Emergency Health Check (SpyEmrgHealth) - Unknown owner - C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe (file missing)

--
End of file - 6997 bytes

[jerabina]

Odinstaluj

Kód: Vybrat vše

Advanced SystemCare 9
SpyEmergency 
FortKnoxPersonalFirewall

a nech si jen Comodo.

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

===================================================

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

===================================================

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

===================================================

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na Kopírovat do schránky a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

[bbdra]

SpyEmergency je odinstalovaný....
Advanced SystemCare 9 a FortKnoxPersonalFirewall bych si prozatím ponechal, pokud to nevadí? Občas se mi stane, že když jdu do některého účtu, tak mi nenaběhne explorer a jediný co je zaplý je monitoring od Advanced SystemCare 9. Pomocí něj dám sken a v průběhu skenu se explorer rozjede...

V prvé řadě bych se chtěl zbavit toho prokletýho Viperu, pokud by to šlo. Brání mi instalovat KAV(nemusel by správně fungovat).

[bbdra]

Logy ze včerejška:

# AdwCleaner v5.101 - Logfile created 10/03/2016 at 22:09:31
# Updated 07/03/2016 by Xplode
# Database : 2016-03-08.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : 1234 - BBDRA-4E56AF2B9
# Running from : C:\Documents and Settings\1234\Plocha\adwcleaner_5.101.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PokerStars.net

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\Program Files\AdwCleaner\AdwCleaner[C1].txt - [818 bytes] - [10/03/2016 22:09:31]
C:\Program Files\AdwCleaner\AdwCleaner[S1].txt - [901 bytes] - [10/03/2016 22:06:26]
C:\Program Files\AdwCleaner\AdwCleaner[S2].txt - [987 bytes] - [10/03/2016 22:08:36]

########## EOF - C:\Program Files\AdwCleaner\AdwCleaner[C1].txt - [1076 bytes] ##########




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Microsoft Windows XP x86
Ran by 1234 (Administrator) on źt 10. 03. 2016 at 22:07:37,93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 18

Successfully deleted: C:\Documents and Settings\1234\Data aplikacˇ\productdata (Folder)
Successfully deleted: C:\WINDOWS\System32\grouppolicy\adm (Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0EUUDK7M (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0JWF4Z0P (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0RD45SHZ (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\1MRUJHXB (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\M5UDE9AH (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QLGBCVWX (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\U78RSN0D (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\XF5G0TJO (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\0EUUDK7M (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\0JWF4Z0P (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\0RD45SHZ (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\1MRUJHXB (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\M5UDE9AH (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\QLGBCVWX (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\U78RSN0D (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\XF5G0TJO (Temporary Internet Files Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 10. 03. 2016 at 22:08:01,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[bbdra]

Scan Log:

00:23:57.718 Start Scan
00:27:18.375 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{8EDFD6F2-8153-40FA-9FA0-E9E00A1F104D}.xml
00:27:18.406 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{94C7C3FB-630C-4D8A-B64E-4E2AB08E446B}.xml
00:27:18.406 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{9CD118CA-6D7E-43BD-9B04-A48EC632CC1F}.xml
00:27:18.421 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{9FAC61F3-F787-43D5-B05B-334F180ADA2F}.xml
00:27:18.750 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{A1EA44E9-9CF7-4AE9-A0E6-9142B5BBEAA7}.xml
00:27:19.031 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{A9586AC3-7FBB-41A7-A8D5-0A3E86D984FA}.xml
00:27:19.265 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{D810FE9B-0E52-460C-870D-31A90E01B0F6}.xml
00:27:19.281 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{FA8E7379-44F6-4362-B47D-80224F0BB333}.xml
00:27:19.312 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{FB8964B5-2011-4787-A5A5-31F47477DD13}.xml
00:27:19.359 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{53D137FA-9204-4425-A45D-A7590732B038}.xml
00:27:19.375 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{54E99D25-91EE-448A-A104-B8ABC391E9B1}.xml
00:27:19.375 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{585C30C0-CD82-4E9E-921A-F6ED63B8DF9F}.xml
00:27:19.421 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{C36F1FBF-1EC0-45E6-8496-3CE23505AAC0}.xml
00:27:19.421 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{C5A8D810-E3DC-480D-A54F-5B4C505012F7}.xml
00:27:19.453 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{C8345BD8-0EBB-46CF-B5C5-1838DB7604A7}.xml
00:27:19.468 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{CD515210-C0A9-41A1-BA71-7986609D2A2E}.xml
00:27:20.015 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{02B4B432-B10E-4979-BCE0-141C63738D51}.xml
00:27:20.046 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{0971C2EA-F3EA-4126-8931-49FCA0826508}.xml
00:27:20.078 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{0DB7BDA5-FAC6-4A66-BDD1-FA15DEDC74FC}.xml
00:27:20.250 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{104D5A66-A4D2-40F0-95E1-55111A8CF11D}.xml
00:27:20.296 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{4297FB62-1CC1-4C25-8EC5-68EFB6618537}.xml
00:27:20.328 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{5E1B8DEF-30BE-4125-B496-18C523CD2BA2}.xml
00:27:20.390 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{88AF59A9-6AAA-42C3-8067-F29C8F9058C8}.xml
00:27:20.390 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{AB377136-15CD-46F1-AE26-5322C24B68CA}.xml
00:27:20.406 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{BEF5D822-7E9F-4406-A810-3D0DC58B2E68}.xml
00:27:20.421 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{D64776E6-1178-474A-8EB9-D198F4CABD08}.xml
00:27:20.437 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{DF2B9805-690A-4423-8F0E-208175FCC32E}.xml
00:27:20.515 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{ECB15D97-BA1C-4053-B3B5-E72DF0D330C7}.xml
00:27:20.531 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{F3A3AFD9-9966-4029-AA07-A5E94E0DFD80}.xml
00:27:20.593 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{AE08E3CD-B6E4-44F2-B939-286CB896A823}.xml
00:27:20.625 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{AEF7384E-76F5-4ABD-B788-8393745CB02C}.xml
00:27:20.656 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{B6E7FC75-C110-4DD2-92FB-74A4D0D3CB7C}.xml
00:27:20.703 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{BDC7723D-3212-47CC-BF7B-05786CEA6D8D}.xml
00:27:20.750 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{2331A69D-D99D-4EF6-A8F1-2D8AFA54E619}.xml
00:27:21.234 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{27D95FD4-AB16-4383-90FD-A1CE9D2B7EB4}.xml
00:27:21.296 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{30790B91-2EB6-4115-AAAB-875487B4D5C2}.xml
00:27:21.328 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{316FEF42-5760-4E22-87D9-4DFDE4FA5E3E}.xml
00:27:21.359 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{345BB46C-E6CE-49A8-B9B6-02DFB73D8C0D}.xml
00:27:21.421 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{3832E0BD-7797-4625-8F67-F2B70554A511}.xml
00:27:21.453 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{3F932C58-BC45-49E2-BE1E-FDBFCA267074}.xml
00:27:21.484 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{40231F5F-0CCF-4317-BF4B-62C1473DFF04}.xml
00:27:21.484 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{4139AE18-7BA7-4DFF-B013-FCDE852757BE}.xml
00:27:21.484 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{41DBE9BC-607A-4B71-93E7-5EC4AC0D2673}.xml
00:27:21.640 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{71286367-AD07-40D2-888D-0072E7445757}.xml
00:27:21.656 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{726D4803-7E85-49FF-A23B-72EC19C216E6}.xml
00:27:21.656 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{72A0D939-F58A-4C6A-B771-3802D6FBCE67}.xml
00:27:22.093 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{75E19D57-8ED2-4EFC-A4BD-8153593521F2}.xml
00:27:22.093 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{760662FB-4889-4A96-9D44-BB7304B6883D}.xml
00:27:22.109 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{783E46A0-ADE9-4898-ABFB-74829E848FEC}.xml
00:27:22.140 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{814D5030-5CA0-46A6-BC0D-01D8FFA21431}.xml
00:27:22.265 Found Possible Rootkit File Hidden File C:\Documents and Settings\All Users\Data aplikací\VIPRE\FW History\FWIDS{63BC0E15-2541-4736-B1C9-0B01BFBA45BF}.xml
00:29:50.906 Found gemius.pl Tracking Cookie C:\Documents and Settings\1234\Cookies\XVWD1MCE.txt
01:17:52.125 End Scan

Summary:
Scan Duration: 0:53:54.453
Threats Detected: 52

[bbdra]

Malwarebytes Anti-Malware (Пробная версия) 1.75.0.1100
www.malwarebytes.org

Версия базы данных: v2013.03.08.15

Windows XP Service Pack 3 x86 NTFS (Безопасный режим)
Internet Explorer 8.0.6001.18702
Administrator :: BBDRA-4E56AF2B9 [администратор]

Защитный модуль : Отключен

12.3.2016 3:38:33
mbam-log-2016-03-12 (03-38-33).txt

Тип сканирования: Полное сканирование (C:\|D:\|)
Опции сканирования включены: Память | Запуск | Реестр | Файловая система | Эвристика/Дополнительно | Эвристика/Шурикен | PUP | PUM
Опции сканирования отключены: P2P
Просканированные объекты: 168146
Времени прошло: 1 часов , 54 минут , 27 секунд

Обнаруженные процессы в памяти: 0
(Вредоносных программ не обнаружено)

Обнаруженные модули в памяти: 0
(Вредоносных программ не обнаружено)

Обнаруженные ключи в реестре: 0
(Вредоносных программ не обнаружено)

Обнаруженные параметры в реестре: 0
(Вредоносных программ не обнаружено)

Объекты реестра обнаружены: 0
(Вредоносных программ не обнаружено)

Обнаруженные папки: 0
(Вредоносных программ не обнаружено)

Обнаруженные файлы: 1
C:\Program Files\Image-Line\Shared\svctl32.dll (Trojan.Zlob) -> Помещено в карантин и успешно удалено.

(конец)

[jaro3]

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Cleaning (Vymazat)“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

. spusť znovu Malwarebytes' Anti-Malware a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“ , v okně na pak na „Open TXT“ a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[bbdra]

# AdwCleaner v5.101 - Logfile created 12/03/2016 at 22:35:27
# Updated 07/03/2016 by Xplode
# Database : 2016-03-08.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : 1234 - BBDRA-4E56AF2B9
# Running from : C:\Documents and Settings\1234\Plocha\adwcleaner_5.101.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\Program Files\AdwCleaner\AdwCleaner[C1].txt - [1169 bytes] - [10/03/2016 22:09:31]
C:\Program Files\AdwCleaner\AdwCleaner[C2].txt - [1270 bytes] - [12/03/2016 22:35:27]
C:\Program Files\AdwCleaner\AdwCleaner[S1].txt - [901 bytes] - [10/03/2016 22:06:26]
C:\Program Files\AdwCleaner\AdwCleaner[S2].txt - [987 bytes] - [10/03/2016 22:08:36]
C:\Program Files\AdwCleaner\AdwCleaner[S3].txt - [1509 bytes] - [12/03/2016 22:33:37]

########## EOF - C:\Program Files\AdwCleaner\AdwCleaner[C2].txt - [1616 bytes] ##########

[bbdra]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Microsoft Windows XP x86
Ran by 1234 (Administrator) on so 12. 03. 2016 at 22:41:17,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 9

Successfully deleted: C:\Documents and Settings\1234\Data aplikacˇ\productdata (Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\3E8SYXOO (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\HYDWOITK (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\P10CW5FN (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\RNZO1TCO (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\3E8SYXOO (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\HYDWOITK (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\P10CW5FN (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\RNZO1TCO (Temporary Internet Files Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 12. 03. 2016 at 22:42:25,06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[bbdra]

Malwarebytes Anti-Malware (PRO) 1.75.0.1100
www.malwarebytes.org

Database version: v2016.03.12.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
:: BBDRA-4E56AF2B9 [administrator]

Protection: Enabled

12. 3. 2016 23:03:39
mbam-log-2016-03-12 (23-03-39).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 169543
Time elapsed: 48 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

[Orcus]

Ještě log z RogueKilleru.