Vir URL:Mail - kaatsha

[kaatsha]

Dobrý den,
mám dost podobný problém. Dle předchozí rady jsem stáhla AdwCleaner a po proskanování a vyčištění mi to vyjelo toto (po restartování PC, ale Avast opět nahlásil vir):
# AdwCleaner v3.211 - Report created 29/05/2014 at 21:57:02
# Updated 26/05/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Kateřina Ulrichová - KAATSHA
# Running from : E:\adwcleaner_3.211.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : iSafeKrnl
Service Deleted : iSafeNetFilter
[#] Service Deleted : iSafeService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash Player Pro
Folder Deleted : C:\Program Files (x86)\Flash Player Pro
[!] Folder Deleted : C:\Program Files (x86)\iSafe
Folder Deleted : C:\Program Files (x86)\BS_Player_ControlBar
Folder Deleted : C:\Users\KATEIN~1\AppData\Local\Temp\BS_Player_ControlBar
Folder Deleted : C:\Users\Kateřina Ulrichová\AppData\LocalLow\BS_Player_ControlBar
Folder Deleted : C:\Users\Kateřina Ulrichová\AppData\Roaming\eCyber
Folder Deleted : C:\Users\Kateřina Ulrichová\AppData\Roaming\iSafe
Folder Deleted : C:\Users\Kateřina Ulrichová\Documents\Flash Player Pro

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{055DD326-956C-4827-9467-A172509E81B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{055DD326-956C-4827-9467-A172509E81B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{784524F8-DADF-4C96-B9D3-F6251DF59373}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8B72A06-A2B6-4E4D-BE78-D36807765631}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : HKCU\Software\V9
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKLM\Software\iSafe
Key Deleted : HKLM\Software\BS_Player_ControlBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17037


-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Kateřina Ulrichová\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Startup_urls] : hxxp://isearch.babylon.com/?affID=120348&babsrc=HP_ss&mntrId=de2a9181000000000000dca971423c4b
Deleted [Extension] : pljcgbedjplidkdjahbaalanadmjfgop

*************************

AdwCleaner[R0].txt - [4375 octets] - [29/05/2014 21:53:57]
AdwCleaner[S0].txt - [4228 octets] - [29/05/2014 21:57:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4288 octets] ##########

Předem moc díky za jakoukoliv radu!

[vyosek]

Zdravim

Tema jsem Vam oddelil, at se nam to neplete

Dejte prosim log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

[kaatsha]

Zdravím, jela jsem podle rad z předchozího tématu a projela jsem počítač programem Malwarebytes Anti-Malware - našel 12 hrozeb, které jsem přesunula do truhly a zdá se být vše v pořádku. Avast mi už žádný problém nehlásí, programy se mi stahují normálně, stejně jako se v pořádku zobrazují webové adresy.

Myslíte, že je vše opravu zažehnáno? Nebo mám pro jistotu vyjet log z FRST?

Děkuji, Katka

[vyosek]

Nejlepe, kdyz mi date log z MBAM, at vim co mazal

A FRST pak tez dejte, mrknem na nejake pripadne zbytecnosti a zbytky