Prosím o kontrolu (vytížení RAM)

slama · Příspěvekod **slama** » 04 led 2015 11:26

Zdravim,
pří nečinosti PC je vytížení RAMek kolem 1,2GB ze 4GB, což mi příjde dost.
Proto prosím o kontrolu logu.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:18:19, on 4.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)

FIREFOX: 34.0 (x86 cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Users\slama\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe
C:\Users\slama\AppData\Local\VNT\vntldr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\Users\slama\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.garena.com/portal/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [VNT] "C:\Program Files (x86)\VNT\vntldr.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8341 bytes

Reklama

Příspěvekod **Orcus** » 04 led 2015 18:57

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

===================================================

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

===================================================

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

===================================================

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

slama · Příspěvekod **slama** » 04 led 2015 21:17

# AdwCleaner v4.106 - Report created 04/01/2015 at 21:12:16
# Updated 21/12/2014 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : slama - SLAMA-PC
# Running from : C:\Users\slama\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : APNMCP
Service Found : ProtectMonitor
Service Found : Skype C2C Service

***** [ Files / Folders ] *****

File Found : C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\4ps2ubvl.default\user.js
File Found : C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
File Found : C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\v1e5srai.default\user.js
File Found : C:\Windows\SpeedItup Free Setup Log.txt
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Program Files (x86)\AskPartnerNetwork
Folder Found : C:\Program Files (x86)\SpeedItup Free
Folder Found : C:\Program Files (x86)\VNT
Folder Found : C:\Program Files\PCDApp
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\AskPartnerNetwork
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedItup Free
Folder Found : C:\Users\slama\AppData\Local\AskPartnerNetwork
Folder Found : C:\Users\slama\AppData\Local\CrashRpt
Folder Found : C:\Users\slama\AppData\Local\Temp\apn
Folder Found : C:\Users\slama\AppData\Local\VNT
Folder Found : C:\Users\slama\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\slama\AppData\Roaming\Babylon
Folder Found : C:\Users\slama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Folder Found : C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\v1e5srai.default\Extensions\toolbar@ask.com
Folder Found : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Found : C:\Windows\SpeedItup Free

***** [ Scheduled Tasks ] *****

Task Found : BrowserProtect
Task Found : Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\5de8d8abd38ee48
Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\Smartbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\AskPartnerNetwork
Key Found : HKCU\Software\AskToolbar
Key Found : HKCU\Software\Classes\pokki
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\StartSearch
Key Found : HKCU\Software\Webplayer
Key Found : [x64] HKCU\Software\APN
Key Found : [x64] HKCU\Software\Ask.com
Key Found : [x64] HKCU\Software\AskPartnerNetwork
Key Found : [x64] HKCU\Software\AskToolbar
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\InstalledBrowserExtensions
Key Found : [x64] HKCU\Software\StartSearch
Key Found : [x64] HKCU\Software\Webplayer
Key Found : HKLM\SOFTWARE\5de8d8abd38ee48
Key Found : HKLM\SOFTWARE\APN
Key Found : HKLM\SOFTWARE\AskPartnerNetwork
Key Found : HKLM\SOFTWARE\AskToolbar
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99E29823-2F67-41C3-8AA5-6425097A771F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaahaeginbdcckocjkhbciadcafnep
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaahlfahldnilidgnlikdckbfehhca
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12C1F3F5-4FB2-4191-A1FD-CA464E6823C0}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6FA9C2C7-B82C-4944-B077-E1D8EA9E2B3D}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{730C3A0D-8C88-468A-B617-7E9913DD6ABC}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA267627-1EF3-4619-A982-8B57C636CA73}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C11CE4D0-9C73-491D-A95C-23C0B7BBD490}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Found : HKLM\SOFTWARE\Solvusoft
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{32C53681-8E69-4659-8320-7422685BD486}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaahaeginbdcckocjkhbciadcafnep
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaahlfahldnilidgnlikdckbfehhca
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [{0F827075-B026-42F3-885D-98981EE7B1AE}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VNT]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Mozilla Firefox v34.0 (x86 cs)

-\\ Google Chrome v39.0.2171.95

[C:\Users\slama\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.search.ask.com/web?p2=%5EB7N ... trgb=CR&q={searchTerms}

*************************

AdwCleaner[R0].txt - [11995 octets] - [04/01/2015 21:12:16]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [12056 octets] ##########

slama · Příspěvekod **slama** » 04 led 2015 21:53

Programem Malwarebytes' Anti-Malware jsem scanoval PC už dopoledne a našel mi toho poměrně dost. Všechno sem smazal, ale log je v historii, tak ho sem vložim.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4.1.2015
Scan Time: 10:23:37
Logfile: anti.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.04.06
Rootkit Database: v2014.12.30.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: slama

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 387265
Time Elapsed: 17 min, 41 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 65
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, Quarantined, [e1850fe47019f73f0ee93ddb43c05da3],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, Quarantined, [e1850fe47019f73f0ee93ddb43c05da3],
PUP.Optional.FreeHDSport.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{11111111-1111-1111-1111-110311531136}, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.FreeHDSport.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{22222222-2222-2222-2222-220322532236}, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.FreeHDSport.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440344534436}, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.FreeHDSport.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550355535536}, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.FreeHDSport.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660366536636}, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.FreeHDSport.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550355535536}, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.FreeHDSport.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660366536636}, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.FreeHDSport.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440344534436}, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.FreeHDSport.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0035336.Sandbox.1, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.FreeHDSport.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0035336.Sandbox, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.FreeHDSport.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0035336.Sandbox, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.FreeHDSport.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0035336.Sandbox.1, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.FreeHDSport.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0035336.BHO.1, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.FreeHDSport.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110311531136}, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.FreeHDSport.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0035336.BHO, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.FreeHDSport.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0035336.BHO, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.FreeHDSport.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0035336.BHO.1, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.FreeHDSport.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110311531136}, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.FreeHDSport.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110311531136}, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.FreeHDSport.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{11111111-1111-1111-1111-110311531136}, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.Outbrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}, Quarantined, [a7bf5c97a4e5e6502a57bc60e2212fd1],
PUP.Optional.Outbrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{03771AEF-400D-4A13-B712-25878EC4A3F5}, Quarantined, [a7bf5c97a4e5e6502a57bc60e2212fd1],
PUP.Optional.Outbrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, Quarantined, [a7bf5c97a4e5e6502a57bc60e2212fd1],
PUP.Optional.Outbrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, Quarantined, [a7bf5c97a4e5e6502a57bc60e2212fd1],
PUP.Optional.Outbrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{03771AEF-400D-4A13-B712-25878EC4A3F5}, Quarantined, [a7bf5c97a4e5e6502a57bc60e2212fd1],
PUP.Optional.Babylon.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Quarantined, [0264e40f6e1b04322b60617e11f10bf5],
PUP.Optional.Babylon.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}, Quarantined, [0264e40f6e1b04322b60617e11f10bf5],
PUP.Optional.HulaToo.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{AB65CAF0-FC3B-40F8-8B88-6D096A48F659}, Quarantined, [21457f746c1d47ef74fd9c406b97ed13],
PUP.Optional.HulaToo.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{AB65CAF0-FC3B-40F8-8B88-6D096A48F659}, Quarantined, [21457f746c1d47ef74fd9c406b97ed13],
PUP.Optional.HulaToo.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{AB65CAF0-FC3B-40F8-8B88-6D096A48F659}, Quarantined, [21457f746c1d47ef74fd9c406b97ed13],
PUP.Optional.HulaToo.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{AB65CAF0-FC3B-40F8-8B88-6D096A48F659}, Quarantined, [21457f746c1d47ef74fd9c406b97ed13],
PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}, Quarantined, [4a1c29cab2d746f0a0f424af1de417e9],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{b2db3058-74ee-4ace-bcd8-8cd0fbe3a4f6}Gw64, Quarantined, [1254da19741503332f6126576b98d52b],
PUP.Optional.WebPlayer.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FLV Player, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FLV Player, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.FreeHDSport.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FreeHDSport TV, Quarantined, [4d192cc76e1bf046290508b631d31ce4],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{3f538614-b636-4023-9ec2-564ada4b07b3}w64, Quarantined, [53134da661283402502f2cb0966ed927],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{b2db3058-74ee-4ace-bcd8-8cd0fbe3a4f6}w64, Quarantined, [f96d1cd7bbcea88e047b5c805aaad828],
PUP.Optional.SpeedChecker.A, HKLM\SOFTWARE\Speedchecker Limited, Quarantined, [45216b8890f969cd6d15a4c1f40f41bf],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, Quarantined, [eb7b06edf8911620eb732664bc47e11f],
PUP.Optional.FreeHDSportTV.A, HKLM\SOFTWARE\WOW6432NODE\FreeHDSport TV, Quarantined, [5f0744af71185adcdcf38df87b88a45c],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SweetIM, Quarantined, [b1b549aa3653cd696732432151b2ff01],
PUP.Optional.FreeHDSport.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nbdbmopeebalgaeghmjoegpkngglikgn, Quarantined, [b5b11ed54c3dbf7753de2896a262e917],
PUP.Optional.SettingsProtector.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pgafcinpmmpklohkojmllohdhomoefph, Quarantined, [afb7bb38424744f2cb74df8661a244bc],
PUP.Optional.KeepMySearch.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CLASSES\keepmysearch, Quarantined, [c2a4a74cf29767cf9c7784e3dc277d83],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, Quarantined, [d3939a598cfd3afcd653d8e6a361a55b],
PUP.Optional.BabylonToolBar.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BabylonToolbar, Quarantined, [88de797aed9c280e7ffb457bed17d030],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, Quarantined, [6cfa71823c4df3432494714bae5658a8],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, Quarantined, [d78ff7fc4e3b0c2a0cab7a42df25f30d],
PUP.Optional.Ividi.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\iVIDI Plugin, Quarantined, [de8801f2cabff5416eaa25824eb58d73],
PUP.Optional.Softonic.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, Quarantined, [2b3b945fef9a6fc738f8d393828105fb],
PUP.Optional.Somoto.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Somoto, Quarantined, [82e4f6fd53366dc901804b28d033758b],
PUP.Optional.SweetIM.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SweetIM, Quarantined, [cf976093f09922149afed78de023fd03],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [1d4943b0f792082e1ceda829778d36ca],
PUP.Optional.FreeHDSportTV.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\FreeHDSport TV, Quarantined, [0165a84b98f19f977c55454020e3e41c],
PUP.Optional.FilesFrog.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BI, Quarantined, [570f21d222673303be8a6b5784800bf5],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\installdaddy, Quarantined, [88de9162bbce66d004bde2db8282f60a],
PUP.Optional.BProtector.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, Quarantined, [e086bb383059dc5a8579a01fe61ed729],
PUP.Optional.Somoto.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOMOTO\SDP, Quarantined, [bda9c52e9ced162090ec348d7391d927],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [ce9848abe6a385b142c70dc4d4302dd3],
PUP.Optional.FreeHDSportTV.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\FreeHDSport TV, Quarantined, [84e28a6995f47fb70fc2b3d2dd2637c9],
PUP.Optional.BProtector.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, Quarantined, [a3c3fcf79aefdf576f8fcff05ea656aa],
PUP.Optional.FilesFrog.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FilesFrog Update Checker, Quarantined, [da8c6e8576138da955b1f83cec1715eb],

Registry Values: 6
PUP.Optional.FilesFrog.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BI|ui_path_filesfrog, HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker, Quarantined, [570f21d222673303be8a6b5784800bf5]
PUP.BProtector, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, http://www.delta-search.com/?affID=1198 ... 4F6A080308, Quarantined, [69fd21d2c4c5b1853b7e9824d33129d7]
PUP.BProtector, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Quarantined, [2a3cf3003a4fcd696a505963f31131cf]
PUP.Optional.Somoto.A, HKU\S-1-5-21-2062399966-243628696-2044685924-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOMOTO\SDP|affid, daemontoolslite, Quarantined, [bda9c52e9ced162090ec348d7391d927]
PUP.BProtector, HKU\S-1-5-21-2062399966-243628696-2044685924-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, http://www.delta-search.com/?affID=1198 ... 4F6A080308, Quarantined, [b6b0fdf64a3f989ec5f4e2daa55f7d83]
PUP.BProtector, HKU\S-1-5-21-2062399966-243628696-2044685924-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Quarantined, [8bdbe80b8cfd30067347e0dcf1137e82]

Registry Data: 0
(No malicious items detected)

Folders: 16
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config, Quarantined, [74f235be3158b5813101eb95af54738d],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\icons, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\scripts, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\scripts\kango, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\scripts\web_player, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.FreeHDSport.A, C:\Program Files (x86)\FreeHDSport TV, Quarantined, [4d192cc76e1bf046290508b631d31ce4],
PUP.Optional.FreeHDSport.A, C:\Program Files (x86)\FreeHDSport.TV, Quarantined, [93d35f945c2d2d092d02a31b54b022de],
PUP.Optional.OpenCandy, C:\Users\slama\AppData\Roaming\OpenCandy, Quarantined, [d492e60db7d273c3885cb77551b2fe02],
PUP.Optional.OpenCandy, C:\Users\slama\AppData\Roaming\OpenCandy\15FBFE4AB138445DAA533FAF1F4C1BB8, Quarantined, [d492e60db7d273c3885cb77551b2fe02],
PUP.Optional.OpenCandy, C:\Users\slama\AppData\Roaming\OpenCandy\E488C68BB5354B1D9039A532CB08281B, Quarantined, [d492e60db7d273c3885cb77551b2fe02],
PUP.Optional.OpenCandy, C:\Users\slama\AppData\Roaming\OpenCandy\EB419D9C0AC1474FA3B320257DFE80F2, Quarantined, [d492e60db7d273c3885cb77551b2fe02],
PUP.Optional.OpenCandy, C:\Users\slama\AppData\Roaming\OpenCandy\OpenCandy_E488C68BB5354B1D9039A532CB08281B, Quarantined, [d492e60db7d273c3885cb77551b2fe02],
PUP.Optional.FilesFrog.A, C:\Users\slama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker, Quarantined, [67ffa25113760d2924146cc1d52eed13],
PUP.Optional.FilesFrog.A, C:\Program Files (x86)\FilesFrog Update Checker, Quarantined, [da8c6e8576138da955b1f83cec1715eb],

Files: 67
PUP.Optional.FreeHDSport.A, C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-bho.dll, Quarantined, [b5b102f1c5c4a195a6bb41d724dfea16],
PUP.Optional.FilesFrog.A, C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe, Quarantined, [87df0ee57811bd79aecc7ba855ab8d73],
PUP.Optional.FreeHDSportTV.A, C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-bg.exe, Quarantined, [b7afa053aadf42f414f499f439c86997],
PUP.Optional.FreeHDSportTV.A, C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-buttonutil.exe, Quarantined, [93d3a152a4e543f30206612cbd44a060],
PUP.Optional.FreeHDSportTV.A, C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-buttonutil64.exe, Quarantined, [ef771dd60287122422e6eda0a65ba957],
PUP.Optional.FreeHDSportTV.A, C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-codedownloader.exe, Quarantined, [3036856e375238fe3ace503d758ca25e],
PUP.Optional.FreeHDSportTV.A, C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-enabler.exe, Quarantined, [8dd915deff8a999d8f79246914ed1ee2],
PUP.Optional.CrossRider, C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-helper.exe, Quarantined, [9ec8b340f891ed49519db197f70a6f91],
PUP.Optional.FreeHDSportTV.A, C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-updater.exe, Quarantined, [fb6b28cb7b0ecd691aeefd908d74b44c],
PUP.Optional.FreeHDSportTV.A, C:\Program Files (x86)\FreeHDSport TV\utils.exe, Quarantined, [2145ef042e5b83b3a7613657cf32a759],
PUP.Optional.CrossRider, C:\Program Files (x86)\FreeHDSport.TV\f2aextsetup.exe, Quarantined, [095dee05c3c62115cea0fd4536cb619f],
PUP.Optional.CrossRider, C:\Program Files (x86)\FreeHDSport.TV\freehdsporttvIE.exe, Quarantined, [f67082715633a6908ce2b989956cb34d],
Trojan.Agent, C:\Users\slama\AppData\Local\Temp\drvinst-1.exe, Quarantined, [3234a053dcad40f61993f95d2cd4a060],
PUP.Optional.Amonetize, C:\Users\slama\AppData\Local\Temp\drvinst-2.exe, Quarantined, [ea7c787b5732d660ac91db836c94936d],
PUP.Optional.PayByAds.A, C:\Users\slama\AppData\Local\Temp\res.dll, Quarantined, [bfa7fbf8cfbaac8a43954179fb0acd33],
PUP.Optional.Amonetize, C:\Users\slama\AppData\Local\Temp\upd80315.exe, Quarantined, [174f4ca7bdccc4724f45e8eb18e9dc24],
Riskware.BitcoinMiner, C:\Windows\Temp\dgen.exe, Quarantined, [254151a29fea50e68b687ce598695ca4],
PUP.Optional.Softonic, C:\Users\slama\Downloads\SoftonicDownloader_for_garena.exe, Quarantined, [9cca688b15747bbb4b6586d4fc04af51],
PUP.Optional.Amonetize, C:\Users\slama\AppData\Local\28922\a867.exe, Quarantined, [4a1c29cab2d746f0a0f424af1de417e9],
PUP.Optional.Somoto.A, C:\Users\slama\AppData\Local\Application Data\Bundled software uninstaller\bi_client.exe, Quarantined, [5313f9fa9bee5dd9b55fd95f4db423dd],
PUP.Optional.InstallD.A, C:\Windows\SysWOW64\installd.exe, Quarantined, [3b2b8073f0998caa47b0245843c07a86],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{b2db3058-74ee-4ace-bcd8-8cd0fbe3a4f6}Gw64.sys, Quarantined, [1254da19741503332f6126576b98d52b],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\ver.xml, Quarantined, [74f235be3158b5813101eb95af54738d],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\uninstinethnfd.exe, Quarantined, [74f235be3158b5813101eb95af54738d],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\installer.js, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\common.js, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\Uninstall.exe, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\icons\main.ico, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\icons\shortcut.ico, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\icons\tray.ico, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\scripts\config.xml, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\scripts\default_config.json, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\scripts\main.js, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\scripts\stub.html, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\scripts\kango\event_listener.js, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\scripts\kango\initialize.js, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\scripts\kango\io.js, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\scripts\kango\json.js, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\scripts\kango\jsonstorage.js, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\scripts\kango\storage.js, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\scripts\kango\utils.js, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\scripts\kango\xhr.js, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\scripts\web_player\initialize.js, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.Optional.WebPlayer.A, C:\Users\slama\AppData\Local\WebPlayer\FLV Player\scripts\web_player\web_player.js, Quarantined, [6501c82b92f7fd397448720e788bce32],
PUP.SoftwareUpdater.A, C:\Windows\System32\Tasks\AmiUpdXp, Quarantined, [74f2856ef693c670d997ec98679c9b65],
PUP.Software.Updater, C:\Windows\Tasks\AmiUpdXp.job, Quarantined, [72f4b53eb2d793a3ec485955ba4922de],
PUP.Optional.FreeHDSport.A, C:\Program Files (x86)\FreeHDSport TV\background.html, Quarantined, [4d192cc76e1bf046290508b631d31ce4],
PUP.Optional.FreeHDSport.A, C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-buttonutil.dll, Quarantined, [4d192cc76e1bf046290508b631d31ce4],
PUP.Optional.FreeHDSport.A, C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-buttonutil64.dll, Quarantined, [4d192cc76e1bf046290508b631d31ce4],
PUP.Optional.FreeHDSport.A, C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV.ico, Quarantined, [4d192cc76e1bf046290508b631d31ce4],
PUP.Optional.FreeHDSport.A, C:\Program Files (x86)\FreeHDSport TV\Installer.log, Quarantined, [4d192cc76e1bf046290508b631d31ce4],
PUP.Optional.FreeHDSport.A, C:\Program Files (x86)\FreeHDSport TV\Uninstall.exe, Quarantined, [4d192cc76e1bf046290508b631d31ce4],
PUP.Optional.FreeHDSport.A, C:\Program Files (x86)\FreeHDSport.TV\freehdsporttv10.crx, Quarantined, [93d35f945c2d2d092d02a31b54b022de],
PUP.Optional.FreeHDSport.A, C:\Windows\Tasks\FreeHDSport TV-codedownloader.job, Quarantined, [dd8929cac7c28ea81719b30b9e669b65],
PUP.Optional.FreeHDSport.A, C:\Windows\Tasks\FreeHDSport TV-enabler.job, Quarantined, [0b5b49aa76139b9b072900be52b2639d],
PUP.Optional.FreeHDSport.A, C:\Windows\Tasks\FreeHDSport TV-updater.job, Quarantined, [93d3ae45fe8b6ec8c868aa14f212da26],
PUP.Optional.BProtector.A, C:\Users\slama\AppData\Local\Google\Chrome\User Data\Default\bprotector web data, Quarantined, [e482cd2699f07fb7d22d7847de26b848],
PUP.Optional.BProtector.A, C:\Users\slama\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences, Quarantined, [ca9c60936f1abb7b60a08937d52f1ee2],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}w64.sys, Quarantined, [53134da661283402502f2cb0966ed927],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{b2db3058-74ee-4ace-bcd8-8cd0fbe3a4f6}w64.sys, Quarantined, [f96d1cd7bbcea88e047b5c805aaad828],
PUP.Optional.OpenCandy, C:\Users\slama\AppData\Roaming\OpenCandy\15FBFE4AB138445DAA533FAF1F4C1BB8\avg_tuht_stf_cs_2014_206_CZ.exe, Quarantined, [d492e60db7d273c3885cb77551b2fe02],
PUP.Optional.OpenCandy, C:\Users\slama\AppData\Roaming\OpenCandy\E488C68BB5354B1D9039A532CB08281B\version512e990dafdb7.exe, Quarantined, [d492e60db7d273c3885cb77551b2fe02],
PUP.Optional.OpenCandy, C:\Users\slama\AppData\Roaming\OpenCandy\EB419D9C0AC1474FA3B320257DFE80F2\TuneUpUtilities2013-2200329_cs-CZ.exe, Quarantined, [d492e60db7d273c3885cb77551b2fe02],
PUP.Optional.FilesFrog.A, C:\Users\slama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Check for Updates.lnk, Quarantined, [67ffa25113760d2924146cc1d52eed13],
PUP.Optional.FilesFrog.A, C:\Users\slama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Uninstall.lnk, Quarantined, [67ffa25113760d2924146cc1d52eed13],
PUP.Optional.FilesFrog.A, C:\Program Files (x86)\FilesFrog Update Checker\uninstall.exe, Quarantined, [da8c6e8576138da955b1f83cec1715eb],

Physical Sectors: 0
(No malicious items detected)

(end)

Příspěvekod **Orcus** » 05 led 2015 09:33

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Smazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

====================================================

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

====================================================

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

slama · Příspěvekod **slama** » 05 led 2015 12:03

# AdwCleaner v4.106 - Report created 05/01/2015 at 11:59:15
# Updated 21/12/2014 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : slama - SLAMA-PC
# Running from : C:\Users\slama\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : APNMCP
[#] Service Deleted : ProtectMonitor
[#] Service Deleted : Skype C2C Service

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedItup Free
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\SpeedItup Free
Folder Deleted : C:\Program Files (x86)\VNT
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Windows\SpeedItup Free
Folder Deleted : C:\Users\slama\AppData\Local\Temp\apn
Folder Deleted : C:\Program Files\PCDApp
Folder Deleted : C:\Users\slama\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\slama\AppData\Local\VNT
Folder Deleted : C:\Users\slama\AppData\Local\CrashRpt
Folder Deleted : C:\Users\slama\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\slama\AppData\Roaming\Babylon
Folder Deleted : C:\Users\slama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Folder Deleted : C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\v1e5srai.default\Extensions\toolbar@ask.com
Folder Deleted : C:\Users\slama\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahaeginbdcckocjkhbciadcafnep
File Deleted : C:\Windows\SpeedItup Free Setup Log.txt
File Deleted : C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\4ps2ubvl.default\user.js
File Deleted : C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
File Deleted : C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\v1e5srai.default\user.js

***** [ Scheduled Tasks ] *****

Task Deleted : BrowserProtect
Task Deleted : Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\slama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player\Uninstall.lnk

***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{0F827075-B026-42F3-885D-98981EE7B1AE}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaahaeginbdcckocjkhbciadcafnep
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaahaeginbdcckocjkhbciadcafnep
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaahlfahldnilidgnlikdckbfehhca
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaahlfahldnilidgnlikdckbfehhca
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VNT]
Key Deleted : HKCU\Software\5de8d8abd38ee48
Key Deleted : HKLM\SOFTWARE\5de8d8abd38ee48
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99E29823-2F67-41C3-8AA5-6425097A771F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12C1F3F5-4FB2-4191-A1FD-CA464E6823C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6FA9C2C7-B82C-4944-B077-E1D8EA9E2B3D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{730C3A0D-8C88-468A-B617-7E9913DD6ABC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA267627-1EF3-4619-A982-8B57C636CA73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C11CE4D0-9C73-491D-A95C-23C0B7BBD490}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32C53681-8E69-4659-8320-7422685BD486}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\Webplayer
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Solvusoft
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Mozilla Firefox v34.0 (x86 cs)

-\\ Google Chrome v39.0.2171.95

[C:\Users\slama\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.search.ask.com/web?p2=%5EB7N ... trgb=CR&q={searchTerms}

*************************

AdwCleaner[R0].txt - [12301 octets] - [04/01/2015 21:12:16]
AdwCleaner[R1].txt - [12483 octets] - [05/01/2015 11:57:40]
AdwCleaner[S0].txt - [12233 octets] - [05/01/2015 11:59:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12294 octets] ##########

slama · Příspěvekod **slama** » 05 led 2015 12:10

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Professional x64
Ran by slama on po 05.01.2015 at 12:05:42,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9"

~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"

~~~ Folders

~~~ FireFox

Emptied folder: C:\Users\slama\AppData\Roaming\mozilla\firefox\profiles\4ps2ubvl.default\minidumps [98 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 05.01.2015 at 12:08:54,25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

slama · Příspěvekod **slama** » 05 led 2015 12:17

RogueKiller V10.1.1.0 (x64) [Dec 23 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : slama [Práva správce]
Mód : Prohledat -- Datum : 01/05/2015 12:15:26

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 10 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2062399966-243628696-2044685924-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.garena.com/portal/ -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2062399966-243628696-2044685924-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.garena.com/portal/ -> Nalezeno
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2062399966-243628696-2044685924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nalezeno
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2062399966-243628696-2044685924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST500DM002-1BD142 ATA Device +++++
--- User ---
[MBR] 30bc1f16ebcd96593394e5f2d6c3558c
[BSP] 11515f4c2b5dbf34f7c906c8b8ab2301 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 200000 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409806848 | Size: 276838 MB
User = LL1 ... OK
User = LL2 ... OK

Příspěvekod **jaro3** » 05 led 2015 18:46

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:

- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)

- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni antivir
Stáhni
Zoek.exe

a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

slama · Příspěvekod **slama** » 06 led 2015 01:32

RogueKiller V10.1.1.0 (x64) [Dec 23 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : slama [Práva správce]
Mód : Smazat -- Datum : 01/06/2015 01:31:46

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 10 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2062399966-243628696-2044685924-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://go.microsoft.com/fwlink/p/?LinkId=255141 -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2062399966-243628696-2044685924-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://go.microsoft.com/fwlink/p/?LinkId=255141 -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 2 -> Nahrazeno (2)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 2 -> Nahrazeno (2)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2062399966-243628696-2044685924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 1 -> Nahrazeno (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2062399966-243628696-2044685924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 1 -> Nahrazeno (1)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 0 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 0 -> Nahrazeno (0)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[FIREFX:Addon] 4ps2ubvl.default : Adblock Plus [{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] -> Smazáno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST500DM002-1BD142 ATA Device +++++
--- User ---
[MBR] 30bc1f16ebcd96593394e5f2d6c3558c
[BSP] 11515f4c2b5dbf34f7c906c8b8ab2301 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 200000 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409806848 | Size: 276838 MB
User = LL1 ... OK
User = LL2 ... OK

============================================
RKreport_SCN_01052015_121526.log - RKreport_SCN_01062015_012202.log - RKreport_SCN_01062015_012212.log - RKreport_SCN_01062015_012359.log
RKreport_SCN_01062015_012928.log - RKreport_DEL_01062015_013134.log

slama · Příspěvekod **slama** » 06 led 2015 01:52

Zoek.exe v5.0.0.0 Updated 31-12-2014
Tool run by slama on Łt 06.01.2015 at 1:35:58,45.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\slama\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

6.1.2015 1:36:44 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\dumps deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Seznam.cz deleted successfully
C:\PROGRA~2\Unigine deleted successfully
C:\PROGRA~2\COMMON~1\Autodesk Shared deleted successfully
C:\Program Files\ATI Technologies deleted successfully
C:\PROGRA~3\DassaultSystemes deleted successfully
C:\Users\slama\AppData\Roaming\BitTorrent deleted successfully
C:\Users\slama\AppData\Roaming\DassaultSystemes deleted successfully
C:\Users\slama\AppData\Roaming\Publish Providers deleted successfully
C:\Users\slama\AppData\Roaming\Wiane deleted successfully
C:\Users\slama\AppData\Roaming\Wycemi deleted successfully
C:\Users\slama\AppData\Local\DassaultSystemes deleted successfully
C:\Users\slama\AppData\Local\GHISLER deleted successfully
C:\Users\slama\AppData\Local\Secunia PSI deleted successfully
C:\Users\slama\AppData\Local\VirtualStore deleted successfully
C:\Users\slama\AppData\Local\WarThunder deleted successfully
C:\Users\J8D6B~1\AppData\Local\EmieSiteList deleted successfully
C:\Users\J8D6B~1\AppData\Local\EmieUserList deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\spdfrmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\spdfrmon deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\4ps2ubvl.default\prefs.js:
user_pref("browser.newtab.url", "");
user_pref("keyword.URL", "");

Added to C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\4ps2ubvl.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

Added to C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\v1e5srai.default\prefs.js:

Added to C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\v1e5srai.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\4ps2ubvl.default

user.js not found
---- Lines HulaToo removed from prefs.js ----
user_pref("extensions.HulaToo.asul", "1412666979850");
user_pref("extensions.HulaToo.aul", "1412666919159");
user_pref("extensions.HulaToo.irl", true);
user_pref("extensions.HulaToo.is", "amp5lmcz");
user_pref("extensions.HulaToo.ug", "13BAB20E-C476-4264-9F15-3BB3C09BA45D");
---- FireFox user.js and prefs.js backups ----

prefs_06.01.2015_0145_.backup

ProfilePath: C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_06.01.2015_0145_.backup

ProfilePath: C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\v1e5srai.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_06.01.2015_0145_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\SopCast deleted
C:\PokerStarsInstall.exe deleted
C:\Users\slama\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SpeedItup Free.lnk deleted
C:\PROGRA~3\spds90.txt deleted
C:\PROGRA~3\Microsoft\Windows\Start Menu\SpeedItup Free.lnk deleted
C:\PROGRA~3\Microsoft\Windows\Start Menu\Programs\SpeedItup Free.lnk deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\slama\AppData\Local\Pokki deleted
C:\Users\slama\AppData\Local\cache deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
"C:\Users\slama\AppData\Roaming\Arura\pooxv.gog" deleted
"C:\Users\slama\AppData\Roaming\Arura" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\4ps2ubvl.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\v1e5srai.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ExtDir: C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- FreeHDSport TV 3 - %ExtDir%\fhdp3@freehdsp.tv.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\4ps2ubvl.default
424899266BA430CCE5DDB6C1B4BE1B99 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll - Shockwave Flash
87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies

==== Deleted Firefox Extensions ======================

C:\Users\slama\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\fhdp3@freehdsp.tv.xpi deleted

==== Chromium Look ======================

Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aaaajabnoiehionljhjpclogplgillib - C:\ProgramData\AskPartnerNetwork\Toolbar\CME-V7\CRX\ToolbarCR.crx[]

Ask Toolbar - slama\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajabnoiehionljhjpclogplgillib
HulaToo - slama\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojpcnhghmamaompgncpjnjknhjjhjpm
Ask Toolbar - J8D6B~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajabnoiehionljhjpclogplgillib

==== Chromium Fix ======================

C:\Users\J8D6B~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajabnoiehionljhjpclogplgillib deleted successfully
C:\Users\slama\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajabnoiehionljhjpclogplgillib deleted successfully
C:\Users\slama\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojpcnhghmamaompgncpjnjknhjjhjpm deleted successfully
C:\Users\slama\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hojpcnhghmamaompgncpjnjknhjjhjpm_0.localstorage deleted successfully
C:\Users\slama\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hojpcnhghmamaompgncpjnjknhjjhjpm_0.localstorage-journal deleted successfully
C:\Users\slama\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hojpcnhghmamaompgncpjnjknhjjhjpm deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\slama\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\J8D6B~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\slama\AppData\Local\Google\Chrome\User Data\Default\web data was reset successfully
C:\Users\J8D6B~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaajabnoiehionljhjpclogplgillib deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaajabnoiehionljhjpclogplgillib deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SpeeditupFree deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLV Player deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDP deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam.chromeUpdatePref deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedItupFree deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\slama\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\slama\AppData\Local\Mozilla\Firefox\Profiles\4ps2ubvl.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\slama\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\J8D6B~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=931 folders=308 92000365 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\slama\AppData\Local\Temp will be emptied at reboot
C:\Users\J8D6B~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\slama\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\slama\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajabnoiehionljhjpclogplgillib" not found

==== EOF on Łt 06.01.2015 at 1:50:28,76 ======================

Příspěvekod **jaro3** » 06 led 2015 10:17

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Vlož nový log z HJT + info o problémech.

Prosím o kontrolu (vytížení RAM) Vyřešeno

Prosím o kontrolu (vytížení RAM)

Re: Prosím o kontrolu (vytížení RAM)

Re: Prosím o kontrolu (vytížení RAM)

Re: Prosím o kontrolu (vytížení RAM)

Re: Prosím o kontrolu (vytížení RAM)

Re: Prosím o kontrolu (vytížení RAM)

Re: Prosím o kontrolu (vytížení RAM)

Re: Prosím o kontrolu (vytížení RAM)

Re: Prosím o kontrolu (vytížení RAM)

Re: Prosím o kontrolu (vytížení RAM)

Re: Prosím o kontrolu (vytížení RAM)

Re: Prosím o kontrolu (vytížení RAM)

Kdo je online