Prevence

[Márty84]

Odinstalujte MBAM.

Vypnete trvale Windows Defender.

Vidim, ze mate na plose i videa. Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku




Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-1117010101-3544123735-585248775-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-1117010101-3544123735-585248775-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1117010101-3544123735-585248775-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch

FF Homepage: hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=en-ww
FF Extension: Bing Search Engine - C:\Users\1\AppData\Roaming\Mozilla\Firefox\Profiles\rcp66st5.default\Extensions\bingsearch.full@microsoft.com [2015-03-18]

CHR HomePage: Profile 3 -> hxxp://www.msn.com/?pc=__PARAM__&ocid=_ ... smkt=en-us
CHR DefaultSearchURL: Profile 3 -> hxxp://www.bing.com/search?FORM=__PARAM ... PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Profile 3 -> bing.com

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0530a81e8f96f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e1098cc07b55.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

[Horst_Fuchs]

Fix result of Farbar Recovery Scan Tool (x64) Version:10-09-2015 01
Ran by 1 (2015-09-11 10:52:01) Run:1
Running from C:\Users\1\Desktop
Loaded Profiles: 1 (Available Profiles: 1)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-1117010101-3544123735-585248775-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-1117010101-3544123735-585248775-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1117010101-3544123735-585248775-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch

FF Homepage: hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=en-ww
FF Extension: Bing Search Engine - C:\Users\1\AppData\Roaming\Mozilla\Firefox\Profiles\rcp66st5.default\Extensions\bingsearch.full@microsoft.com [2015-03-18]

CHR HomePage: Profile 3 -> hxxp://www.msn.com/?pc=__PARAM__&ocid=_ ... smkt=en-us
CHR DefaultSearchURL: Profile 3 -> hxxp://www.bing.com/search?FORM=__PARAM ... PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Profile 3 -> bing.com

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0530a81e8f96f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e1098cc07b55.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value removed successfully
HKU\S-1-5-21-1117010101-3544123735-585248775-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-1117010101-3544123735-585248775-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully
HKU\S-1-5-21-1117010101-3544123735-585248775-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
Firefox "homepage" removed successfully
C:\Users\1\AppData\Roaming\Mozilla\Firefox\Profiles\rcp66st5.default\Extensions\bingsearch.full@microsoft.com => moved successfully
Chrome HomePage removed successfully
Chrome DefaultSearchURL removed successfully
Chrome DefaultSearchKeyword removed successfully
catchme => service removed successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0530a81e8f96f.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e1098cc07b55.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 94.5 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 10:52:37 ====

[Horst_Fuchs]

Zde je fixlog, ovšem mám dojem že se vytvořil dříve, než proběhl fix.
Po restartu na mě nový log nevyskočil.

Fix result of Farbar Recovery Scan Tool (x64) Version:10-09-2015 01
Ran by 1 (2015-09-11 11:07:19) Run:2
Running from C:\Users\1\Desktop
Loaded Profiles: 1 (Available Profiles: 1)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-1117010101-3544123735-585248775-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-1117010101-3544123735-585248775-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1117010101-3544123735-585248775-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch

FF Homepage: hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=en-ww
FF Extension: Bing Search Engine - C:\Users\1\AppData\Roaming\Mozilla\Firefox\Profiles\rcp66st5.default\Extensions\bingsearch.full@microsoft.com [2015-03-18]

CHR HomePage: Profile 3 -> hxxp://www.msn.com/?pc=__PARAM__&ocid=_ ... smkt=en-us
CHR DefaultSearchURL: Profile 3 -> hxxp://www.bing.com/search?FORM=__PARAM ... PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Profile 3 -> bing.com

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0530a81e8f96f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e1098cc07b55.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value not found.
HKU\S-1-5-21-1117010101-3544123735-585248775-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value not found.
HKU\S-1-5-21-1117010101-3544123735-585248775-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value not found.
HKU\S-1-5-21-1117010101-3544123735-585248775-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
FF Homepage: hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=en-ww => not found
C:\Users\1\AppData\Roaming\Mozilla\Firefox\Profiles\rcp66st5.default\Extensions\bingsearch.full@microsoft.com => not found.
Chrome HomePage => not found.
Chrome DefaultSearchURL => not found.
Chrome DefaultSearchKeyword => not found.
catchme => service not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0530a81e8f96f.job => not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e1098cc07b55.job => not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 21.1 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 11:07:52 ====

[Márty84]

Podle logu to nakonec udelalo co melo


Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remove disinfection tools
• Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak to s pc vypada.

[Horst_Fuchs]

# DelFix v1.011 - Logfile created 11/09/2015 at 20:52:52
# Updated 18/08/2015 by Xplode
# Username : 1 - 1-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...


########## - EOF - ##########

[Horst_Fuchs]

Ccleaner jsem použil a vše proběhlo v pořádku.
Defragmentoval jsem oba disky a vypadá to že také v pohodě, jen nevím proč se píše "fragmentováno 1%".
Ale to je asi normální.

[Márty84]

Defragmentoval jsem oba disky a vypadá to že také v pohodě, jen nevím proč se píše "fragmentováno 1%".

System s nekterymi soubory nedovoli programu hybat, napriklad s body obnovy. Takze to, ze to neni na 0% je opravdu normalni.


Pokud vse bezi jak ma, mame hotovo

[Horst_Fuchs]

Dobrý večer,
děkuji za vysvětlení.
Tím pádem je vše OK.
nicméně bych Vás rád požádal, zda byste ještě nemrknul na problém netbooku mé přítelkyně.
Je to už poměrně staroušek a nevím zda má cenu ho ještě zachraňovat.
Každopádně jsem mu nahrál nový OS a přesto že v něm ještě skoro nic není, procesor je vytížen na 100%.
A to mám otevřené cca. 2-3 stránky v chromu.
Mrknul byste prosím na to?

[Márty84]

Vyborne, to jsem rad

Na notas pritelkyne zalozte nove tema, 1 tema = 1 pc, jinak by v tom byl gulas. Pokud chcete, at na to kouknu primo ja, napiste do predmetu Pro Márty84, kolegove mi to nechaji. Jinak na to koukne ten, kdo bude mit prvni cas

Tady tedy

Mejte se