
Laptop freezing

10.11.2014 07:33
posts: 21

Hi, I have an Acer Aspire 5560 laptop, CPU: AMD quad-core 1.6 GHz with turbo up to 2.3 GHz, graphics: AMD Radeon HD 6520G 512 MB, 4 GB RAM, Windows 7 64-bit.

After startup it runs fine, but after about 3 minutes it freezes and nothing can be done. It started last night; in the afternoon I was still working on it and there was no problem. It makes no difference whether I open the internet, documents, or nothing at all and just leave it sitting on the desktop: after those 3 minutes it freezes and nothing works except moving the mouse, but nothing responds and it has to be powered off the hard way. I also have a cooling pad under it, so I don't think it's overheating. I'd try cleaning it out or something like that, but that can't be done within those 3 minutes. I'd be grateful for any advice, thanks :-)

10.11.2014 11:01
verified
posts: 1,873

Try starting it in safe mode..

Did you install / download / update anything?

Which antivirus do you use?

If you ignore diacritics and proper Czech, someone may ignore your post.
10.11.2014 16:00
posts: 21

I have ESET NOD32; I only downloaded songs, otherwise nothing, not even updates. In safe mode it's running fine so far and doesn't freeze.

10.11.2014 18:19
verified
posts: 1,873

So there's some junk in there, clean it out in that mode ..

Try AdwCleaner, Junkware Removal Tool, Malwarebytes Anti-Malware, ...etc..

Delete any findings in them ..
Alternatively, boot Kaspersky - instructions:
Rescuedisk.kaspersky
Download

http://rescuedisk.kaspersky-labs.com/rescuedisk/updatable/kav_rescue_10.iso

Burn the .iso file to a CD with this program: Active ISO Burner

http://www.slunecnice.cz/sw/active-iso-burner/

While Windows is starting, hold the Delete key and you'll get into the BIOS. In it, on the BOOT tab, set CD/DVD as the first boot device. Confirm the change (Save and Exit).

After the restart the BIOS appears for a moment and then a black screen with text at the top:

Boot from CD/DVD, press any key to continue - press one right away.

Then Kaspersky Rescue Disk will boot. In this program you can remove viruses, spyware or other dangerous and malicious software.

You should choose, I think, the second option from the top, then select:

All peripherialls (that is, all disks and partitions), flash drives, optical drives, MBR, etc.

As it continues, the black screen sometimes lasts a long time; hang on, the program is still working.

http://www.softpedia.com/get/Antivirus/Kaspersky-Rescue-Disk.shtml

10.11.2014 19:12
posts: 21

Thanks a lot, I'll gradually try everything you advised. I'll let you know if by chance it doesn't help :-)

10.11.2014 19:59
verified
posts: 1,873

OK, if you get stuck with anything, let me know..

12.11.2014 10:26
posts: 21

So I did everything you advised. It found several dozen viruses, which I deleted or put into quarantine. But then I start the laptop normally and after a while it freezes again and nothing can be done. The hard disk LED is lit permanently, showing it's constantly working.. would you have any more advice, please?

12.11.2014 13:26
verified
posts: 1,873

There's probably more of it in there ..

Try this (download, install, run and paste a copy of the text from the resulting log here):

http://sourceforge.net/projects/hjt/files/2.0.4/HijackThis.exe/download

-------------------------------

And also try running AdwCleaner again, and don't delete anything, just paste the contents of that report/log here too ..

12.11.2014 13:43
posts: 21

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:37:23, on 12.11.2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17344)

FIREFOX: 33.0.3 (x86 cs)

Boot mode: Safe mode with network support

Running processes:

C:Program Files (x86)Mozilla Firefoxfirefox.exe

C:UsersCheaterDownloadsHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.seznam.cz/

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =

R3 - URLSearchHook: SimilarWeb - {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - C:Program Files (x86)SimilarWebSimilarWeb.dll

R3 - URLSearchHook: (no name) - - (no file)

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:Program Files (x86)Epson SoftwareE-Web Printewps_tb.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:Program Files (x86)Microsoft OfficeOffice12GrooveShellExtensions.dll

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre1.8.0_25binssv.dll

O2 - BHO: ArcPluginIEBHO - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:Program Files (x86)Perfect World EntertainmentArcPluginsArcPluginIE.dll

O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:Program Files (x86)Bluetooth SuiteIEPlugIn.dll

O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dll

O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:PROGRA~2IDMQUICKF~1PlugInsIEHelp.dll

O2 - BHO: Vizuální záložky - {C93F72A2-2162-4BBA-A07A-F13663C297A6} - C:Program Files (x86)YandexYandexBarIEfastdial.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:Program Files (x86)MicrosoftBingBarBingExt.dll" (file missing)

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre1.8.0_25binjp2ssv.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:Program Files (x86)MicrosoftBingBarBingExt.dll" (file missing)

O3 - Toolbar: Yandex.Bar - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:Program Files (x86)YandexYandexBarIEyndbar.dll

O3 - Toolbar: Anonymous Browsing - {866D0E2C-8CCE-4AAE-B9F4-59F245945691} - C:Program Files (x86)Anonymous BrowsingAAABBar.dll

O3 - Toolbar: SimilarWeb - {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - C:Program Files (x86)SimilarWebSimilarWeb.dll

O3 - Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:Program Files (x86)Epson SoftwareE-Web Printewps_tb.dll

O4 - HKLM..Run: [BackupManagerTray] "C:Program Files (x86)NTIAcer Backup ManagerBackupManagerTray.exe" -h -k

O4 - HKLM..Run: [SuiteTray] "C:Program Files (x86)EgisTec MyWinLockerSuitex86SuiteTray.exe"

O4 - HKLM..Run: [EgisTecPMMUpdate] "C:Program Files (x86)EgisTec IPSPmmUpdate.exe"

O4 - HKLM..Run: [EgisUpdate] "C:Program Files (x86)EgisTec IPSEgisUpdate.exe" -d

O4 - HKLM..Run: [StartCCC] "C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun

O4 - HKLM..Run: [Dolby Advanced Audio v2] "C:-Dolby PCEE4pcee4.exe" -autostart

O4 - HKLM..Run: [LManager] C:Program Files (x86)Launch ManagerLManager.exe

O4 - HKLM..Run: [GrooveMonitor] "C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe"

O4 - HKLM..Run: [WinampAgent] "C:Program Files (x86)Winampwinampa.exe"

O4 - HKLM..Run: [SwitchBoard] C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe

O4 - HKLM..Run: [AdobeCS5ServiceManager] "C:Program Files (x86)Common FilesAdobeCS5ServiceManagerCS5ServiceManager.exe" -launchedbylogin

O4 - HKLM..Run: [YouCam Service] "C:Program Files (x86)CyberLinkYouCamYouCamService.exe" /s

O4 - HKLM..Run: [EEventManager] "C:Program Files (x86)Epson SoftwareEvent ManagerEEventManager.exe"

O4 - HKLM..Run: [seznam-listicka-distribuce] "C:Program Files (x86)Seznam.czdistributionszninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate

O4 - HKLM..Run: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe"

O4 - HKLM..Run: [MSStp] C:Windowsinfmsstp.vbe

O4 - HKLM..Run: [mncnycyfoSrv] C:Windowssystem32mncnycyfo.vbe

O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe"

O4 - HKCU..Run: [ISUSPM] "C:Program Files (x86)Common FilesInstallShieldUpdateServiceISUSPM.exe" -scheduler

O4 - HKCU..Run: [Pando Media Booster] C:Program Files (x86)Pando NetworksMedia BoosterPMB.exe

O4 - HKCU..Run: [WebcamMaxAutoRun] "C:Program Files (x86)WebcamMaxwcmmon.exe" -a

O4 - HKCU..Run: [DAEMON Tools Lite] "C:Program Files (x86)DAEMON Tools LiteDTLite.exe" -autorun

O4 - HKCU..Run: [GarenaPlus] "C:Program Files (x86)Garena PlusGarenaMessenger.exe" -autolaunch

O4 - HKCU..Run: [cz.seznam.software.autoupdate] "C:Users

12.11.2014 13:45
posts: 21

O4 - HKCU..Run: [cz.seznam.software.autoupdate] "C:UsersCheaterAppDataRoamingSeznam.czszninstall.exe" -c

O4 - HKCU..Run: [cz.seznam.software.szndesktop] "C:UsersCheaterAppDataRoamingSeznam.czbinwszndesktop.exe" -q

O4 - HKCU..Run: [EPLTargetP0000000000000001] C:Windowssystem32spoolDRIVERSx643E_IATIILE.EXE /EPT "EPLTargetP0000000000000001" /M "XP-205 207 Series"

O4 - HKCU..Run: [EPLTargetP0000000000000000] C:Windowssystem32spoolDRIVERSx643E_IATIILE.EXE /EPT "EPLTargetP0000000000000000" /M "XP-205 207 Series"

O4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUSS-1-5-19..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUSS-1-5-20..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUSS-1-5-18..RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS.DEFAULT..RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O4 - Startup: MultiSkypeLauncher.lnk = C:Program Files (x86)MultiSkypeLauncherMultiSkypeLauncher.exe

O4 - Startup: Registrace Need for Speed™ Undercover.lnk = C:Program Files (x86)EA GAMESNeed for Speed UndercoverSupportEAregister.exe

O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:PROGRA~2MICROS~4Office12EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:UsersCheaterAppDataRoamingDVDVideoSoftIEHelpersfreeyoutubetomp3converter.htm

O9 - Extra button: @C:Program Files (x86)Windows LiveWriterWindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:Program Files (x86)Windows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll

O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~2MICROS~4Office12ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~2MICROS~4Office12ONBttnIE.dll

O9 - Extra button: SimilarWeb - {5D06ED6E-DA78-4486-A246-B131A2C39807} - C:Program Files (x86)SimilarWebSimilarWeb.dll

O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:Program Files (x86)Bluetooth SuiteIEPlugIn.dll

O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:Program Files (x86)Bluetooth SuiteIEPlugIn.dll

O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~2MICROS~4Office12REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:program files (x86)common filesmicrosoft sharedwindows livewlidnsp.dll

O10 - Unknown file in Winsock LSP: c:program files (x86)common filesmicrosoft sharedwindows livewlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: *.clonewarsadventures.com

O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:Program Files (x86)Microsoft OfficeOffice12GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~2COMMON~1SkypeSKYPE4~1.DLL

O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll

O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:Program Files (x86)Common FilesABBYYFineReaderSprint9.00LicensingNetworkLicenseServer.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:WindowsSystem32alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:Windowssystem32atiesrxx.exe (file missing)

O23 - Service: Arc Service (ArcService) - Perfect World Entertainment Inc - C:Program Files (x86)Perfect World EntertainmentArcArcService.exe

O23 - Service: AtherosSvc - Atheros Commnucations - C:Program Files (x86)Bluetooth Suiteadminservice.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:Program Files (x86)Launch Managerdsiwmis.exe

O23 - Service: @%SystemRoot%system32efssvc.dll,-100 (EFS) - Unknown owner - C:WindowsSystem32lsass.exe (file missing)

O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:Program Files (x86)Common FilesEgisTecServicesEgisTicketService.exe

O23 - Service: ESET Service (ekrn) - ESET - C:Program FilesESETESET NOD32 Antivirusx86ekrn.exe

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:Program FilesAcerAcer ePower ManagementePowerSvc.exe

O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:Program Files (x86)Common FilesEPSONEBAPIeEBSVC.exe

O23 - Service: EpsonCustomerResearchParticipation - SEIKO EPSON CORPORATION - C:Program FilesEPSONEpsonCustomerResearchParticipationEPCP

12.11.2014 13:46
posts: 21

O23 - Service: EpsonCustomerResearchParticipation - SEIKO EPSON CORPORATION - C:Program FilesEPSONEpsonCustomerResearchParticipationEPCP.exe

O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:Windowssystem32EscSvc64.exe (file missing)

O23 - Service: @%systemroot%system32fxsresm.dll,-118 (Fax) - Unknown owner - C:Windowssystem32fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:Program Files (x86)Common FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe

O23 - Service: GREGService - Acer Incorporated - C:Program Files (x86)AcerRegistrationGREGsvc.exe

O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe

O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program Files (x86)Common FilesInstallShieldDriver11Intel 32IDriverT.exe

O23 - Service: @%SystemRoot%system32ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:Windowssystem32IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: Live Updater Service - Acer Incorporated - C:Program FilesAcerAcer UpdaterUpdaterService.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:Program Files (x86)Malwarebytes Anti-Malwarembamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:Program Files (x86)Malwarebytes Anti-Malwarembamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:WindowsSystem32msdtc.exe (file missing)

O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:Program Files (x86)Common FilesNeroNero BackItUp 4NBService.exe (file missing)

O23 - Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:Windowssystem32GameMon.des.exe (file missing)

O23 - Service: NTI IScheduleSvc - NTI Corporation - C:Program Files (x86)NTIAcer Backup ManagerIScheduleSvc.exe

O23 - Service: PandoraService (PanService) - Unknown owner - C:Program Files (x86)PANDORA.TVPanServicePandoraService.exe (file missing)

O23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:Windowssystem32locator.exe (file missing)

O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:WindowsSystem32snmptrap.exe (file missing)

O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WindowsSystem32spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%system32sppsvc.exe,-101 (sppsvc) - Unknown owner - C:Windowssystem32sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:Program Files (x86)Common FilesSteamSteamService.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe

O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:Windowssystem32UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%system32vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:WindowsSystem32vds.exe (file missing)

O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:Windowssystem32vssvc.exe (file missing)

O23 - Service: @%SystemRoot%system32WatWatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:Windowssystem32WatWatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%system32wbengine.exe,-104 (wbengine) - Unknown owner - C:Windowssystem32wbengine.exe (file missing)

O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:Windowssystem32wbemWmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)

--
End of file - 16607 bytes

12.11.2014 13:47
posts: 21

# AdwCleaner v4.101 - Report created 12/11/2014 at 14:45:00

# Updated 09/11/2014 by Xplode
# Database : 2014-11-11.2 [Live]

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Cheater - CHEATER-PC

# Running from : C:UsersCheaterDownloadsadwcleaner_4.101.exe

# Option : Scan

***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****

Value Found : HKCUSoftwareMicrosoftInternet ExplorerMain [ICQ Search]

***** [ Browsers ] *****

- Internet Explorer v11.0.9600.17344
- Mozilla Firefox v33.0.3 (x86 cs)
- Google Chrome v34.0.1847.116
- Chromium v
- Comodo Dragon v

*************************

AdwCleaner[R0].txt - [35737 octets] - [10/11/2014 19:53:45]

AdwCleaner[R1].txt - [1126 octets] - [10/11/2014 22:51:35]

AdwCleaner[R2].txt - [904 octets] - [12/11/2014 14:45:00]

AdwCleaner[S0].txt - [36601 octets] - [10/11/2014 19:56:17]

########## EOF - C:AdwCleanerAdwCleaner[R2].txt - [1024 octets] ##########

12.11.2014 14:01
verified
posts: 1,873

Hmm, that's cluttered:

for a start, fix this in HijackThis:

R3 - URLSearchHook: (no name) - - (no file)

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:Program Files (x86)MicrosoftBingBarBingExt.dll" (file missing)

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:Program Files (x86)MicrosoftBingBarBingExt.dll" (file missing)


O3 - Toolbar: Yandex.Bar - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:Program Files (x86)YandexYandexBarIEyndbar.dll

O4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUSS-1-5-19..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe (User 'LOCAL SERVICE')

O10 - Unknown file in Winsock LSP: c:program files (x86)common filesmicrosoft sharedwindows livewlidnsp.dll

O10 - Unknown file in Winsock LSP: c:program files (x86)common filesmicrosoft sharedwindows livewlidnsp.dll

------------------------------------------------------------

Then
download RogueKiller
for 64-bit:

http://www.sur-la-toile.com/RogueKiller/RogueKillerX64.exe

to your desktop.

- Close all other programs and browsers.

- On Windows 7, run RogueKiller.exe as administrator.

- Wait until the Prescan (the search for malicious processes) finishes.

- Check that you have these ticked:
Kontrola MBR (MBR check)
Kontrola Faked (Faked check)
Antirootkit
- Then click "Prohledat" (Scan).

- The program scans the PC's processes. After the scan, click "Zpráva" (Report) and copy the whole content of the log here.

If the program is blocked, try running it several times. If it still won't start and work, rename it to winlogon.exe.

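Added example, not part of the original post: the fix list above includes the entries HijackThis marks "(no file)" or "(file missing)". HijackThis 2.0.4 is a 32-bit program, and on 64-bit Windows its reads of `System32` are redirected to `SysWOW64`, so the same marker on `System32` services is often a scanner artifact rather than an orphaned entry. The Python below separates the two cases; `triage`, `SAMPLE_LOG` and the sample lines are constructed for illustration.

```python
import re

# Constructed sample lines in HijackThis 2.0.4 format (backslashes intact).
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Example Bar Helper - {00000000-0000-0000-0000-000000000001} - "C:\Program Files (x86)\ExampleBar\ExampleExt.dll" (file missing)
O2 - BHO: Example Plug-In - {00000000-0000-0000-0000-000000000002} - C:\Program Files (x86)\Example\plugin.dll
O23 - Service: @%SystemRoot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Example Scheduler - Unknown owner - C:\Program Files (x86)\Example\svc.exe (file missing)
"""

# "<section> - <body>", e.g. "O23 - Service: ..."
LINE_RE = re.compile(r"^(?P<section>[A-Z]\d+) - (?P<body>.*)$")
# Markers HijackThis appends when it cannot open the target file.
MISSING_RE = re.compile(r"\((?:file missing|no file)\)\s*$")
# Paths a 32-bit process sees through WOW64 file system redirection.
SYSTEM32_RE = re.compile(r"^[a-z]:\\windows\\system32\\", re.IGNORECASE)


def triage(log_text, os_is_64bit=True):
    """Return (section, verdict, path) for every entry flagged as missing.

    verdict is "orphaned" when the entry points at nothing (a candidate for
    the fix list) and "verify" when the path lies under System32 on a 64-bit
    OS, where a 32-bit scanner may simply have been redirected to SysWOW64.
    """
    results = []
    for raw in log_text.splitlines():
        match = LINE_RE.match(raw.strip())
        if not match:
            continue
        body = match.group("body")
        if not MISSING_RE.search(body):
            continue
        # The target file is the last " - " separated field of the entry.
        target = body.rsplit(" - ", 1)[-1]
        path = MISSING_RE.sub("", target).strip().strip('"')
        if os_is_64bit and SYSTEM32_RE.match(path):
            verdict = "verify"
        else:
            verdict = "orphaned"
        results.append((match.group("section"), verdict, path))
    return results


if __name__ == "__main__":
    for section, verdict, path in triage(SAMPLE_LOG):
        print(f"{section:4} {verdict:9} {path or '(no path recorded)'}")
```

Entries reported as "verify" should be checked with a 64-bit tool or by looking at the file in Explorer before anything is fixed.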
12.11.2014 14:17
posts: 21

Done, here is the report:

RogueKiller V10.0.5.0 (x64) [Nov 11 2014] by Adlice Software

mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com

Webová stránka : http://www.adlice.com/softwares/roguekiller/

Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Spuštěno : Nouzový režim s podporou sítě
Uživatel : Cheater [Práva správce]

Mód : Prohledat -- Datum : 11/12/2014 15:17:10

¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 21 ¤¤¤

[Suspicious.Path] (X64) HKEY_USERSS-1-5-21-139292476-2330306999-2777936681-1000SoftwareMicrosoftWindowsCurrentVersionRun | cz.seznam.software.autoupdate : "C:UsersCheaterAppDataRoamingSeznam.czszninstall.exe" -c -> Nalezeno

[Suspicious.Path] (X64) HKEY_USERSS-1-5-21-139292476-2330306999-2777936681-1000SoftwareMicrosoftWindowsCurrentVersionRun | cz.seznam.software.szndesktop : "C:UsersCheaterAppDataRoamingSeznam.czbinwszndesktop.exe" -q -> Nalezeno

[Suspicious.Path] (X86) HKEY_USERSS-1-5-21-139292476-2330306999-2777936681-1000SoftwareMicrosoftWindowsCurrentVersionRun | cz.seznam.software.autoupdate : "C:UsersCheaterAppDataRoamingSeznam.czszninstall.exe" -c -> Nalezeno

[Suspicious.Path] (X86) HKEY_USERSS-1-5-21-139292476-2330306999-2777936681-1000SoftwareMicrosoftWindowsCurrentVersionRun | cz.seznam.software.szndesktop : "C:UsersCheaterAppDataRoamingSeznam.czbinwszndesktop.exe" -q -> Nalezeno

[PUM.HomePage] (X64) HKEY_USERSS-1-5-21-139292476-2330306999-2777936681-1000SoftwareMicrosoftInternet ExplorerMain | Start Page : http://www.seznam.cz/ -> Nalezeno

[PUM.HomePage] (X86) HKEY_USERSS-1-5-21-139292476-2330306999-2777936681-1000SoftwareMicrosoftInternet ExplorerMain | Start Page : http://www.seznam.cz/ -> Nalezeno

[PUM.Dns] (X64) HKEY_LOCAL_MACHINESystemCurrentControlSetServicesTcpipParameters | DhcpNameServer : 213.46.172.36 213.46.172.37 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno

[PUM.Dns] (X64) HKEY_LOCAL_MACHINESystemControlSet001ServicesTcpipParameters | DhcpNameServer : 213.46.172.36 213.46.172.37 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno

[PUM.Dns] (X64) HKEY_LOCAL_MACHINESystemControlSet002ServicesTcpipParameters | DhcpNameServer : 213.46.172.36 213.46.172.37 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno

[PUM.Dns] (X64) HKEY_LOCAL_MACHINESystemCurrentControlSetServicesTcpipParametersInterfaces{0BB70712-E775-4496-B35B-4EFEDF8D4136} | DhcpNameServer : 213.46.172.36 213.46.172.37 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno

[PUM.Dns] (X64) HKEY_LOCAL_MACHINESystemCurrentControlSetServicesTcpipParametersInterfaces{CE765B86-9D75-4CED-A60D-78961BC203E4} | DhcpNameServer : 213.46.172.36 213.46.172.37 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno

[PUM.Dns] (X64) HKEY_LOCAL_MACHINESystemControlSet001ServicesTcpipParametersInterfaces{0BB70712-E775-4496-B35B-4EFEDF8D4136} | DhcpNameServer : 213.46.172.36 213.46.172.37 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno

[PUM.Dns] (X64) HKEY_LOCAL_MACHINESystemControlSet001ServicesTcpipParametersInterfaces{CE765B86-9D75-4CED-A60D-78961BC203E4} | DhcpNameServer : 213.46.172.36 213.46.172.37 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno

[PUM.Dns] (X64) HKEY_LOCAL_MACHINESystemControlSet002ServicesTcpipParametersInterfaces{0BB70712-E775-4496-B35B-4EFEDF8D4136} | DhcpNameServer : 213.46.172.36 213.46.172.37 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno

[PUM.Dns] (X64) HKEY_LOCAL_MACHINESystemControlSet002ServicesTcpipParametersInterfaces{CE765B86-9D75-4CED-A60D-78961BC203E4} | DhcpNameServer : 213.46.172.36 213.46.172.37 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno

[PUM.StartMenu] (X64) HKEY_USERSS-1-5-21-139292476-2330306999-2777936681-1000SoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced | Start_TrackProgs : 0 -> Nalezeno

[PUM.StartMenu] (X86) HKEY_USERSS-1-5-21-139292476-2330306999-2777936681-1000SoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced | Start_TrackProgs : 0 -> Nalezeno

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerHideDesktopIconsNewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerHideDesktopIconsNewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerHideDesktopIconsNewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerHideDesktopIconsNewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 21 ¤¤¤

[C:WindowsSystem32driversetchosts] 127.0.0.1 activate.adobe.com

[C:WindowsSystem32driversetchosts] 127.0.0.1 practivate.adobe.com

[C:WindowsSystem32driversetchosts] 127.0.0.1 ereg.adobe.com

[C:WindowsSystem32driversetchosts] 127.0.0.1 activate.wip3.adobe.com

[C:WindowsSystem32driversetchosts] 127.0.0.1 wip3.adobe.com

[C:WindowsSystem32driversetchosts] 127.0.0.1 3dns-3.adobe.com

[C:WindowsSystem32driversetchosts] 127.0.0.1 3dns-2.adobe.com

[C:WindowsSystem32driversetchosts] 127.0.0.1 adobe-dns.adobe.com

[C:WindowsSystem32driversetchosts] 127.0.0.1 adobe-dns-2.adobe.com

[C:WindowsSystem32driversetchosts] 127.0.0.1 adobe-dns-3.adobe.com

[C:WindowsSystem32driversetchosts] 127.0.0.1 ereg.wip3.adobe.com

[C:WindowsSystem32driversetchosts] 127.0.0.1 activate-sea.adobe.com

[C:WindowsSystem32driversetchosts] 127.0.0.1 wwis-dubc1-vip60.adobe.com

[C:WindowsSystem32driversetchosts] 127.0.0.1

12.11.2014 14:18
posts: 21

[C:WindowsSystem32driversetchosts] 127.0.0.1 adobe.activate.com

[C:WindowsSystem32driversetchosts] 127.0.0.1 adobeereg.com

[C:WindowsSystem32driversetchosts] 127.0.0.1 www.adobeereg.com

[C:WindowsSystem32driversetchosts] 127.0.0.1 wwis-dubc1-vip60.adobe.com

[C:WindowsSystem32driversetchosts] 127.0.0.1 125.252.224.90

[C:WindowsSystem32driversetchosts] 127.0.0.1 125.252.224.91

[C:WindowsSystem32driversetchosts] 127.0.0.1 hl2rcv.adobe.com

¤¤¤ Antirootkit : 0 (Driver: Nenahrán [0xc000035f]) ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤

[PUM.HomePage][FIREFX:Config] 23p9c3os.default-1399303423694 : user_pref("browser.startup.homepage", "http://www.seznam.cz/"); -> Nalezeno

¤¤¤ Kontrola MBR : ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK7559GSXP SATA Disk Device +++++

--- User ---
[MBR] ccd6c7e3a3c90e660e83fa11b0e30263

[BSP] 4ae219594e2362c2c6b63ead0f41b9c4 : HP MBR Code

Partition table:

0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14500 MB

1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 29698048 | Size: 100 MB

2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 29902848 | Size: 700802 MB

User = LL1 ... OK
User = LL2 ... OK

12.11.2014 14:24
verified
posts: 1,873

OK, now close all programs and browsers.

Disable the antivirus and firewall.

Disconnect all USB or external drives from the computer before running this program.

Run RogueKiller (on Windows 7, right-click and choose "Spustit jako správce" (Run as administrator)).

- Wait until the Prescan finishes its work...

- Wait while the status window shows "Prohledat" (Scan)

- In the tabs (Registry, Tasks, Web Browser, etc.) tick everything (put checkmarks).

- Click "Smazat" (Delete)

- Wait until the Status box shows "Mazání dokončeno" (Deletion finished)

- Click "Zpráva" (Report) and copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.

- Close RogueKiller

12.11.2014 19:29
posts: 21

Is this right?

RogueKiller V10.0.5.0 (x64) [Nov 11 2014] by Adlice Software

mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com

Webová stránka : http://www.adlice.com/softwares/roguekiller/

Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Spuštěno : Nouzový režim s podporou sítě
Uživatel : Cheater [Práva správce]

Mód : Smazat -- Datum : 11/12/2014 20:29:48

¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 17 ¤¤¤

[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-139292476-2330306999-2777936681-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://go.microsoft.com/fwlink/p/?LinkId=255141 -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)

[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-139292476-2330306999-2777936681-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://go.microsoft.com/fwlink/p/?LinkId=255141 -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0BB70712-E775-4496-B35B-4EFEDF8D4136} | DhcpNameServer : [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{CE765B86-9D75-4CED-A60D-78961BC203E4} | DhcpNameServer : [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{0BB70712-E775-4496-B35B-4EFEDF8D4136} | DhcpNameServer : [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{CE765B86-9D75-4CED-A60D-78961BC203E4} | DhcpNameServer : [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{0BB70712-E775-4496-B35B-4EFEDF8D4136} | DhcpNameServer : [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{CE765B86-9D75-4CED-A60D-78961BC203E4} | DhcpNameServer : [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()

[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-139292476-2330306999-2777936681-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 1 -> Nahrazeno (1)

[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-139292476-2330306999-2777936681-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 1 -> Nahrazeno (1)

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0 -> Nahrazeno (0)

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 0 -> Nahrazeno (0)

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0 -> Nahrazeno (0)

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 0 -> Nahrazeno (0)

¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 21 ¤¤¤


¤¤¤ Antirootkit : 0 (Driver: Nenahrán [0xc000035f]) ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤

[PUM.HomePage][FIREFX:Config] 23p9c3os.default-1399303423694 : user_pref("browser.startup.homepage", "http://www.seznam.cz/");

12.11.2014 19:30
posts: 21

¤¤¤ Kontrola MBR : ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK7559GSXP SATA Disk Device +++++

--- User ---
[MBR] ccd6c7e3a3c90e660e83fa11b0e30263

[BSP] 4ae219594e2362c2c6b63ead0f41b9c4 : HP MBR Code

Partition table:

0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14500 MB

1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 29698048 | Size: 100 MB

2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 29902848 | Size: 700802 MB

User = LL1 ... OK
User = LL2 ... OK

============================================

RKreport_DEL_11122014_202126.log - RKreport_DEL_11122014_202133.log - RKreport_DEL_11122014_202138.log - RKreport_DEL_11122014_202141.log

RKreport_DEL_11122014_202145.log - RKreport_SCN_11122014_151710.log - RKreport_SCN_11122014_202119.log - RKreport_SCN_11122014_202846.log

RKreport_DEL_11122014_202921.log - RKreport_DEL_11122014_202932.log

12.11.2014 19:57
verified
posts: 1 873

Download
Zoek.exe
http://hijackthis.nl/smeenk/
and save it to the desktop.

Close all programs, windows and browsers.

Run Zoek.exe; on Win7, right-click it and choose "Run as administrator".

- note: the program may take a while to start.

Then paste this into the program window (copy and paste it):

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;
-----------------------------
Then click Run Script

The program will run a scan and a repair; both the scan and the repair may take a while, so wait until it finishes. Do not click in the window!

The program will offer a restart; confirm it.

After the restart, only a black desktop may be shown for a while; that is normal. Wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:

C:\zoek-results.log
Copy the entire contents of that log here

If you ignore diacritics - proper Czech, someone may ignore your post.
12.11.2014 21:01
posts: 21

Zoek.exe v5.0.0.0 Updated 11-November-2014

Tool run by Cheater on st 12.11.2014 at 21:10:34,32.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Safe Mode NETWORK Internet Access Detected

Launched: C:\Users\Cheater\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.
#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#
# For example:
#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.

127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Cheater\AppData\Roaming\Mozilla\Firefox\Profiles\23p9c3os.default-1399303423694\prefs.js:

user_pref("browser.startup.homepage", "http://www.seznam.cz/");

Added to C:\Users\Cheater\AppData\Roaming\Mozilla\Firefox\Profiles\23p9c3os.default-1399303423694\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Go
