Laptop full of malware

papperwing
Visitor
Posts: 139
Registered: 13 Mar 2013 20:34

Laptop full of malware

#1 Post by papperwing »

Hello,

a few days ago Windows Defender reported that I have malware on my PC. After I clicked Clean, everything was fine for the rest of the day. Now it seems my laptop is full of malware, such as advertising add-ons, and WD keeps reporting Trojan horses. Could I ask for help with cleaning it up?

Here is the RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by jakub_000 at 2015-08-04 07:35:30
Microsoft Windows 8 Pro
System drive C: has 21 GB (7%) free of 300 GB
Total RAM: 4030 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:35:38, on 4. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17377)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\jakub_000.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... M%3DIE8SRC
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe
O4 - HKLM\..\Run: [EaseUS EPM Tray Agent] "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\TrayPopupE\TrayTipAgentE.exe"
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\jakub_000\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\jakub_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: Dropbox.lnk = jakub_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Oříznout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout obrázek - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Výběr oříznutí - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Unknown owner - C:\windows\system32\AdminService.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000 (c2wts) - Unknown owner - C:\Program Files (x86)\Windows Identity Foundation\v3.5\c2wtshost.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8678 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"dwm.exe"
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\windows\system32\rundll32.exe" "c:\Program Files (x86)\SegmentReliever\SegmentReliever.dll",serv
"C:\windows\system32\rundll32.exe" "c:\Program Files (x86)\SegmentReliever\SegmentReliever.dll",serv
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\system32\AdminService.exe
dashost.exe {8c7b86ae-3ea1-488c-bb89d4714c32847a}
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Windows Defender\MsMpEng.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3e7c0caf-9490-487f-af62-7465e08b7abf -SystemEventPortName:HostProcess-a8c7eea9-11c8-4f38-be00-4d68828de9d7 -IoCancelEventPortName:HostProcess-e2edb4e2-310f-4fcb-a996-f3e3d5fa18d5 -NonStateChangingEventPortName:HostProcess-660d6f91-70fe-43f7-a0cf-ab3525dbacfc -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:91b3ba25-f057-472c-a25f-68ffa1d4758a -DeviceGroupId:WudfDefaultDevicePool
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\SearchIndexer.exe /Embedding
taskhost.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostex.exe
C:\windows\Explorer.EXE
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
taskhost.exe $(Arg0)

"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\CCleaner\CCleaner.exe" /MONITOR /uac
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
"C:\Users\jakub_000\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\DropboxUpdateTaskUserS-1-5-21-164938143-4175652460-2459810496-1001Core.job - C:\Users\jakub_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\windows\tasks\DropboxUpdateTaskUserS-1-5-21-164938143-4175652460-2459810496-1001UA.job - C:\Users\jakub_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-164938143-4175652460-2459810496-1001Core.job - C:\Users\jakub_000\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-164938143-4175652460-2459810496-1001UA.job - C:\Users\jakub_000\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\jakub_000\AppData\Roaming\Mozilla\Firefox\Profiles\0zrrz33f.default-1423126443143

prefs.js - "browser.startup.homepage" - "about:home"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.7]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll


C:\Users\jakub_000\AppData\Roaming\Mozilla\Firefox\Profiles\0zrrz33f.default-1423126443143\extensions\
joegwkjnmeca_nof@idmdm_nbukdbhg.org
M@IBrBse.edu

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2013-11-07 171992]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2013-11-07 399832]
"Persistence"=C:\windows\system32\igfxpers.exe [2013-11-07 442328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2014-12-26 3618648]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-06-04 2892992]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"Google Update"=C:\Users\jakub_000\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-12 116648]
"Dropbox Update"=C:\Users\jakub_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-24 134512]
"CCleaner Monitoring"=C:\Program Files (x86)\CCleaner\CCleaner64.exe [2015-07-17 8418584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"EaseUS EPM tray"=C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe [2015-04-14 2089056]
"EaseUS EPM Tray Agent"=C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\TrayPopupE\TrayTipAgentE.exe [2014-11-18 255072]

C:\Users\jakub_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\jakub_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2013-11-07 442880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-04 07:35:30 ----D---- C:\rsit
2015-08-03 22:19:17 ----D---- C:\Program Files (x86)\MyDeAlBox
2015-08-03 22:19:03 ----D---- C:\Program Files (x86)\MyDeAAlBBox
2015-08-03 22:18:46 ----D---- C:\Program Files (x86)\MyDealBoxx
2015-08-03 22:18:42 ----A---- C:\Program Files (x86)\prefs.js
2015-08-03 22:18:29 ----D---- C:\Program Files (x86)\Viewport Resizer
2015-07-30 09:42:46 ----D---- C:\Program Files (x86)\MyuProicueCuut
2015-07-30 09:42:34 ----D---- C:\Program Files (x86)\PDF Converter Start
2015-07-30 09:42:17 ----D---- C:\Program Files (x86)\MyPriceCuute
2015-07-30 09:41:57 ----D---- C:\Program Files (x86)\MyPriceeCut
2015-07-28 21:25:40 ----HD---- C:\windows\msdownld.tmp
2015-07-27 16:43:07 ----D---- C:\Program Files (x86)\Heroes of the Storm
2015-07-21 08:35:53 ----A---- C:\windows\SYSWOW64\atmlib.dll
2015-07-21 08:35:53 ----A---- C:\windows\SYSWOW64\atmfd.dll
2015-07-21 08:35:53 ----A---- C:\windows\system32\atmlib.dll
2015-07-21 08:35:53 ----A---- C:\windows\system32\atmfd.dll
2015-07-19 15:56:05 ----D---- C:\Users\jakub_000\AppData\Roaming\Steam
2015-07-15 15:18:31 ----A---- C:\windows\system32\kerberos.dll
2015-07-15 15:18:30 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-07-15 15:18:30 ----A---- C:\windows\system32\rpcrt4.dll
2015-07-15 15:18:29 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2015-07-15 15:18:29 ----A---- C:\windows\system32\msv1_0.dll
2015-07-15 15:18:29 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2015-07-15 15:18:28 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2015-07-15 15:18:28 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-07-15 15:18:27 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2015-07-15 15:18:27 ----A---- C:\windows\system32\SHCore.dll
2015-07-15 15:18:26 ----A---- C:\windows\SYSWOW64\SHCore.dll
2015-07-15 15:18:08 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2015-07-15 15:17:37 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-07-15 15:17:37 ----A---- C:\windows\system32\jscript9.dll
2015-07-15 15:17:25 ----A---- C:\windows\system32\mshtml.dll
2015-07-15 15:17:23 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-07-15 15:17:02 ----A---- C:\windows\system32\ieframe.dll
2015-07-15 15:16:59 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-07-15 15:16:58 ----A---- C:\windows\system32\wininet.dll
2015-07-15 15:16:58 ----A---- C:\windows\system32\urlmon.dll
2015-07-15 15:16:58 ----A---- C:\windows\system32\iertutil.dll
2015-07-15 15:16:57 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-07-15 15:16:57 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-07-15 15:16:56 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-07-15 15:16:56 ----A---- C:\windows\system32\vbscript.dll
2015-07-15 15:16:56 ----A---- C:\windows\system32\msfeeds.dll
2015-07-15 15:16:55 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-07-15 15:16:55 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2015-07-15 15:16:53 ----A---- C:\windows\system32\inetcomm.dll
2015-07-15 15:16:52 ----A---- C:\windows\system32\dxtrans.dll
2015-07-15 15:16:51 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-07-15 15:16:51 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-07-15 15:16:51 ----A---- C:\windows\system32\iedkcs32.dll
2015-07-15 15:16:50 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-07-15 15:16:50 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-07-15 15:16:50 ----A---- C:\windows\system32\jscript.dll
2015-07-15 15:16:49 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-07-15 15:16:49 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2015-07-15 15:16:49 ----A---- C:\windows\system32\mshtmled.dll
2015-07-15 15:15:44 ----A---- C:\windows\SYSWOW64\ole32.dll
2015-07-15 15:15:44 ----A---- C:\windows\system32\ole32.dll
2015-07-15 15:15:43 ----A---- C:\windows\system32\sppobjs.dll
2015-07-15 15:15:41 ----A---- C:\windows\system32\rdpcorets.dll
2015-07-15 15:15:37 ----A---- C:\windows\system32\twinui.dll
2015-07-15 15:15:36 ----A---- C:\windows\SYSWOW64\twinui.dll
2015-07-15 15:15:34 ----A---- C:\windows\SYSWOW64\msi.dll
2015-07-15 15:15:34 ----A---- C:\windows\system32\msi.dll
2015-07-15 15:15:34 ----A---- C:\windows\system32\authui.dll
2015-07-15 15:15:33 ----A---- C:\windows\SYSWOW64\msiexec.exe
2015-07-15 15:15:33 ----A---- C:\windows\SYSWOW64\authui.dll
2015-07-15 15:15:33 ----A---- C:\windows\system32\msiexec.exe
2015-07-15 15:15:24 ----A---- C:\windows\system32\gdi32.dll
2015-07-15 15:15:23 ----A---- C:\windows\SYSWOW64\gdi32.dll
2015-07-15 15:15:22 ----A---- C:\windows\system32\generaltel.dll
2015-07-15 15:15:22 ----A---- C:\windows\system32\appraiser.dll
2015-07-15 15:15:21 ----A---- C:\windows\system32\invagent.dll
2015-07-15 15:15:21 ----A---- C:\windows\system32\devinv.dll
2015-07-15 15:15:21 ----A---- C:\windows\system32\CompatTelRunner.exe
2015-07-15 15:15:21 ----A---- C:\windows\system32\aeinv.dll
2015-07-15 15:15:20 ----A---- C:\windows\system32\aepdu.dll
2015-07-15 15:15:20 ----A---- C:\windows\system32\acmigration.dll
2015-07-15 15:15:14 ----A---- C:\windows\system32\win32k.sys
2015-07-14 22:56:30 ----D---- C:\Program Files (x86)\Fantastic Worry
2015-07-10 16:16:54 ----D---- C:\Program Files (x86)\Autofill IRCTC Tatkal FormPlugin Extension
2015-07-10 16:16:52 ----D---- C:\ProgramData\7660240785980396194
2015-07-08 16:04:22 ----D---- C:\Program Files (x86)\SegmentReliever
2015-07-07 21:17:25 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2015-08-04 07:35:38 ----D---- C:\windows\Prefetch
2015-08-04 07:35:37 ----D---- C:\Program Files\trend micro
2015-08-04 07:34:04 ----D---- C:\Users\jakub_000\AppData\Roaming\vlc
2015-08-04 07:16:16 ----D---- C:\windows\Temp
2015-08-04 07:05:56 ----D---- C:\windows\Inf
2015-08-04 01:35:06 ----D---- C:\windows\Microsoft.NET
2015-08-04 01:33:08 ----D---- C:\windows\system32\sru
2015-08-03 22:28:38 ----D---- C:\windows\system32\Drivers
2015-08-03 22:22:28 ----RD---- C:\Program Files (x86)
2015-08-03 21:19:15 ----D---- C:\windows\AUInstallAgent
2015-08-03 21:18:35 ----HD---- C:\Program Files\WindowsApps
2015-07-30 09:28:28 ----D---- C:\ProgramData\Unity
2015-07-28 22:55:54 ----D---- C:\Users\jakub_000\AppData\Roaming\uTorrent
2015-07-28 21:25:50 ----D---- C:\windows\SYSWOW64\directx
2015-07-28 21:25:40 ----D---- C:\Windows
2015-07-28 21:25:37 ----D---- C:\windows\Logs
2015-07-28 08:02:48 ----D---- C:\Users\jakub_000\AppData\Roaming\Dropbox
2015-07-28 07:31:19 ----D---- C:\windows\system32\config
2015-07-27 23:47:24 ----D---- C:\Program Files (x86)\Hearthstone
2015-07-27 16:49:54 ----D---- C:\ProgramData\Blizzard Entertainment
2015-07-27 16:43:52 ----RD---- C:\windows\System32
2015-07-27 16:43:52 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-07-27 16:39:40 ----D---- C:\Program Files (x86)\Battle.net
2015-07-27 03:46:14 ----D---- C:\windows\WinSxS
2015-07-27 03:40:33 ----D---- C:\windows\system32\catroot2
2015-07-26 13:11:27 ----SHD---- C:\System Volume Information
2015-07-24 17:49:59 ----D---- C:\Program Files (x86)\Steam
2015-07-23 13:46:11 ----D---- C:\windows\debug
2015-07-23 13:37:40 ----D---- C:\windows\SoftwareDistribution
2015-07-23 13:05:01 ----D---- C:\Users\jakub_000\AppData\Roaming\DAEMON Tools Lite
2015-07-23 13:04:54 ----D---- C:\Users\jakub_000\AppData\Roaming\TS3Client
2015-07-23 13:03:11 ----D---- C:\windows\Panther
2015-07-23 13:01:31 ----D---- C:\windows\system32\Tasks
2015-07-23 13:01:28 ----D---- C:\Program Files (x86)\CCleaner
2015-07-21 20:51:29 ----D---- C:\windows\SysWOW64
2015-07-21 12:50:14 ----D---- C:\ProgramData\Package Cache
2015-07-21 08:31:19 ----D---- C:\windows\CbsTemp
2015-07-17 10:55:40 ----D---- C:\Users\jakub_000\AppData\Roaming\Skype
2015-07-16 19:10:46 ----D---- C:\windows\rescache
2015-07-16 08:59:46 ----D---- C:\Program Files\Internet Explorer
2015-07-16 08:59:46 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-16 08:59:35 ----RD---- C:\windows\ToastData
2015-07-16 08:59:29 ----SD---- C:\windows\system32\CompatTel
2015-07-16 08:59:28 ----D---- C:\windows\system32\wbem
2015-07-16 08:59:28 ----D---- C:\windows\system32\appraiser
2015-07-16 08:59:27 ----D---- C:\windows\apppatch
2015-07-15 21:10:02 ----SHD---- C:\windows\Installer
2015-07-15 20:51:18 ----D---- C:\windows\Tasks
2015-07-15 16:33:19 ----D---- C:\windows\system32\MRT
2015-07-13 23:22:23 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-07-10 16:16:52 ----HD---- C:\ProgramData
2015-07-09 15:06:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-06 08:11:06 ----D---- C:\windows\system32\catroot
2015-07-06 07:58:32 ----RSD---- C:\windows\assembly
2015-07-05 12:08:23 ----N---- C:\windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 dtsoftbus01;@oem8.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\windows\System32\drivers\dtsoftbus01.sys [2013-05-01 283200]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2012-06-02 2935808]
R3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2012-02-10 294000]
R3 BthEnum;@tdibth.inf,%BthEnum.DisplayName%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2013-01-09 51712]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2013-11-07 5363200]
R3 MEIx64;@oem5.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\System32\drivers\HECIx64.sys [2010-10-19 56344]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2013-03-01 156672]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2012-06-02 589824]
R3 SensorsSimulatorDriver;@oem21.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
R3 SNP2UVC;@oem4.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2012-11-28 1866080]
R3 SynTP;@oem11.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2013-10-30 549104]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2012-07-26 11926528]
S3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2012-06-29 360448]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 dg_ssudbus;@oem15.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 epmntdrv;epmntdrv; \??\C:\windows\syswow64\epmntdrv.sys [2014-11-18 14944]
S3 EuGdiDrv;EuGdiDrv; \??\C:\windows\syswow64\EuGdiDrv.sys [2014-11-18 10208]
S3 hamachi;LogMeIn Hamachi Virtual Miniport); C:\windows\system32\DRIVERS\Hamdrv.sys [2013-07-03 46136]
S3 ssudmdm;@oem16.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2013-07-06 210560]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\windows\System32\drivers\WinUsb.sys [2012-07-26 57344]
S3 WSDPrintDevice;@WSDPrint.Inf,%WSDPrintDevice.SVCDESC%;WSD Print Support; C:\windows\System32\drivers\WSDPrint.sys [2012-07-26 21504]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AtherosSvc;AtherosSvc; C:\windows\system32\AdminService.exe [2012-02-02 189440]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2013-07-26 76888]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-10-20 130024]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
S2 38e17215;SegmentReliever; C:\windows\syswow64\rundll32.exe [2012-07-26 48640]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14 268976]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-13 51808]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2015-07-21 1141248]
S3 c2wts;@%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [2012-07-26 5632]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2013-11-07 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-06 43616]
S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [2013-08-22 142336]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-07 148136]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-12-26 1903472]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-01-19 834752]
S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [2013-08-22 119808]
S3 VsEtwService120;Visual Studio ETW Event Collection Service; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [2013-10-04 87728]

-----------------EOF-----------------

JaRon
Moderator
Posts: 15798
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Notebook full of malware

#2 Post by JaRon »

Hi,
first of all I have to point out that WD is not an antivirus :!:
1. Clean the PC with ADWCleaner
2. Install any antivirus and clean the PC with it
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

papperwing
Visitor
Posts: 139
Registered: 13 Mar 2013 20:34

Re: Notebook full of malware

#3 Post by papperwing »

Here is the log from ADWCleaner:

# AdwCleaner v4.208 - Logfile created 04/08/2015 at 07:58:37
# Updated 09/07/2015 by Xplode
# Database : 2015-08-01.1 [Server]
# Operating system : Windows 8 Pro (x64)
# Username : jakub_000 - PAPPERPOST
# Running from : C:\Users\jakub_000\Downloads\adwcleaner_4.208.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : 38e17215

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\7660240785980396194
Folder Deleted : C:\Program Files (x86)\SegmentReliever
File Deleted : C:\Program Files (x86)\mozilla firefox\dbghelp.dll
File Deleted : C:\Program Files (x86)\prefs.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\pc-mechanic
Key Deleted : HKLM\SOFTWARE\e9b1c86b-413a-657d-8152-e124efa6ce39
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{38e17215}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9C81D00A-3DAA-48AB-90C7-8252119ABB93}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1DA17428-323D-48FF-857C-98CFEE48BFD5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{50F60937-910A-4C05-8E36-FE4E299191CF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{63C63464-1423-4FDB-BA5D-6F75F491C63E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{50F60937-910A-4C05-8E36-FE4E299191CF}
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKLM\SOFTWARE\PositiveFinds

***** [ Web browsers ] *****

-\\ Internet Explorer v10.0.9200.17377


-\\ Mozilla Firefox v39.0 (x86 en-US)

[0zrrz33f.default-1423126443143\prefs.js] - Line Deleted : user_pref("extensions.YInSbGBPf1oDlyCy.scode", "(function(){try{if(window.location.href.indexOf(\"rjYHqjw5rdkEpjrGqTg9qjs5rjn\")>-1){return;}}catch(e){}try{var d=[[\"www.ewoss.com\",\"livewebcams.xyz\[...]
[0zrrz33f.default-1423126443143\prefs.js] - Line Deleted : user_pref("extensions.mT68nb9MWxr9y1ZC.scode", "(function(){try{if(window.location.href.indexOf(\"rjYHqjw5rdkEpjrGqTg9qjs5rjn\")>-1){return;}}catch(e){}try{var d=[[\"www.ewoss.com\",\"livewebcams.xyz\[...]
[0zrrz33f.default-1423126443143\prefs.js] - Line Deleted : user_pref("extensions.sv11JJgimS4XM3jU.scode", "(function(){try{if(window.location.href.indexOf(\"rjYHqjw5rdkEpjrGqTg9qjs5rjn\")>-1){return;}}catch(e){}try{var d=[[\"www.ewoss.com\",\"livewebcams.xyz\[...]

*************************

AdwCleaner[R0].txt - [2754 bytes] - [04/08/2015 07:57:56]
AdwCleaner[S0].txt - [2748 bytes] - [04/08/2015 07:58:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2807 bytes] ##########


Running it, however, did not help with the ad add-ons at all. I don't know about the rest yet.

JaRon
Moderator
Posts: 15798
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Notebook full of malware

#4 Post by JaRon »


papperwing
Visitor
Posts: 139
Registered: 13 Mar 2013 20:34

Re: Notebook full of malware

#5 Post by papperwing »

I installed the Avast Pro 30-day trial and the Zone Alarm firewall.

The first scan found the plug-in of that adware; it seems it is no longer running. However, it was immediately followed by some intercepted attack via JS; a second full scan is running now.

So hopefully that will help. Is there anything else that can be done?

JaRon
Moderator
Posts: 15798
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Notebook full of malware

#6 Post by JaRon »

I'll leave the use of the firewall up to you - either keep it or use the one built into Windows
an antivirus, however, I consider a necessity :!:
if you don't want to pay for an AV, there are basically 3 free AV options - AVAST, AVIRA, BITDEFENDER
I recommend using ADWCleaner preventively once a month :)

papperwing
Visitor
Posts: 139
Registered: 13 Mar 2013 20:34

Re: Notebook full of malware

#7 Post by papperwing »

Thanks for the help :)

JaRon
Moderator
Posts: 15798
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Notebook full of malware

#8 Post by JaRon »

You're welcome :)