VIRY.CZ

Zkusíme ještě Zoek:

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

Teď, když se pc sám restartoval po skenu Zoek, tak se to restartovalo strašně dlouhou dobu. Asi za 20 minut jsem přišla k pc a stále se to restartovalo, tak jsem musela pc vypnout. To taky asi není normální co?

Zoek.exe v5.0.0.1 Updated 25-October-2015
Tool run by Martina on ne 25. 10. 2015 at 17:31:34,97.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Martina\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

25. 10. 2015 18:31:17 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Users\Administrator\AppData\Local\Comodo deleted successfully
C:\Users\Administrator\AppData\Local\Google deleted successfully
C:\Users\Guest\AppData\Local\Comodo deleted successfully
C:\Users\Guest\AppData\Local\Google deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google deleted successfully
C:\Users\Martina\AppData\Local\Comodo deleted successfully
C:\Users\Martina\AppData\Local\GHISLER deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCFCC2EC-3F33-45A8-8ADF-A6C81F11232F} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{DCFCC2EC-3F33-45A8-8ADF-A6C81F11232F} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default\prefs.js:
user_pref("browser.startup.homepage", "http://seznam.cz/");

Added to C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default\prefs.js:

Deleted from C:\Users\Martina\AppData\Roaming\Philips-Songbird\Profiles\qxqlp484.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\Martina\AppData\Roaming\Philips-Songbird\Profiles\qxqlp484.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201525.10._1908_.backup
prefs_201530.03._1613_.backup

ProfilePath: C:\Users\Martina\AppData\Roaming\Philips-Songbird\Profiles\qxqlp484.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201525.10._1908_.backup
prefs_201530.03._1613_.backup

==== Deleting Files \ Folders ======================

C:\Users\Martina\AppData\Roaming\Radiocom deleted
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Martina\AppData\Local\Radiocom deleted
C:\windows\SysNative\GroupPolicy\Adm deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
"C:\windows\SysNative\GroupPolicy\Machine" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Martina\AppData\Roaming\Philips-Songbird\Profiles\qxqlp484.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Proxy Settings ======================

ProfilePath: C:\Users\Martina\AppData\Roaming\Philips-Songbird\Profiles\qxqlp484.default
user_pref("network.proxy.type", 4);

==== Firefox Extensions ======================

ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\Martina\AppData\Roaming\Philips-Songbird\Profiles\qxqlp484.default
- Artwork Extras - C:\Program Files (x86)\Philips\Philips Songbird\extensions\albumart@songbirdnest.com
- CD Rip Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\cd-rip@songbirdnest.com
- AAC Decoding Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewaacdec@songbirdnest.com
- H.264 Video Decoding Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewh264dec@songbirdnest.com
- MP3 Encoding Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewmp3enc@songbirdnest.com
- MPEG-4 Video Decoding Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewmpeg4dec@songbirdnest.com
- File association - C:\Program Files (x86)\Philips\Philips Songbird\extensions\fileassociation@philips.com
- Philips GoGear Device Manager - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gogear@songbirdnest.com
- gonzo - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gonzo@songbirdnest.com
- Fornecedor da pesquisa de metadados Gracenote - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gracenote@songbirdnest.com
- Czech cs Language Pack - C:\Program Files (x86)\Philips\Philips Songbird\extensions\langpack-cs@songbirdnest.com
- mashTape - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mashTape@songbirdnest.com
- MSC Device Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\msc@songbirdnest.com
- MTP Device Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mtp@songbirdnest.com
- Philips addon manager - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-addon-manager@philips.com
- Philips Branding - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-branding@philips.com
- LikeMusic - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-likemusic@philips.com
- Philips auto msc-mtp switch - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-msc-mtp-switch@philips.com
- Philips Promotions - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-promotions@philips.com
- Philips Skin - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-skin@philips.com
- Philips UI - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-ui@philips.com
- Purple Rain - C:\Program Files (x86)\Philips\Philips Songbird\extensions\purplerain@songbirdnest.com
- Windows Media Playback - C:\Program Files (x86)\Philips\Philips Songbird\extensions\windowsmedia@songbirdnest.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default
D7324EB1EDCB8990F8522DE0311359E9 - C:\windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
0C0C5C207121C7A78414A8250E8E099A - C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director
863AF0003392FEBC2667A8A790DED955 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll - Shockwave Flash
7D127425BBE91DF37448A7F44C1DDA52 - C:\Users\Martina\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll - Google Update
3A57A288F098188E92C6B0309CBC50B2 - C:\windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System


==== Chromium Look ======================



==== Chromium Fix ======================

C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=MSE1"
"Search Page"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://www.google.com"
"SearchAssistant"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/?pc=MSE1"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{24AB7B16-6C04-4E62-BADB-A3AF9C7BA5B2} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{28DBDC09-CD74-4291-80D1-789ACD6F9883} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_13415"
{4E0C853B-1E34-451A-B946-3B8D7C8BCE5D} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{6BC336E0-0860-4AFD-B849-E13CABFBD077} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_13415"
{764482F2-C192-4032-B5B2-7848E6928461} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415"
{8C35819E-0D88-4E0F-8946-73D1764A9500} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_13415"
{A82AFC07-BDDB-4D91-91BD-B3D6AB1E5B87} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_13415"
{CFDE9E19-18B2-4AC6-9F1E-14BD87C69D29} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_13415"

==== Reset Google Chrome ======================

C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HGM8MKFS will be deleted at reboot
C:\Users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XOUJB4GK will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Martina\AppData\Local\Mozilla\Firefox\Profiles\u60ghvfv.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=26 folders=23 49178232 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Martina\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Martina\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HGM8MKFS" not found
"C:\Users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XOUJB4GK" not found

==== EOF on ne 25. 10. 2015 at 19:53:18,24 ======================

Nastala teď změna?

Černé okno stále naskakuje a ruské stránky také, když zapnu prohlížeč, ikdyž mám nastavenou jinou domovskou stránku. Také mi nejdou připnout na hlavní panel ikonky prohlížeče, ale jiné aplikace ano :/

V kterém prohlížeči?

v Google chrome a mozilla

Prohlížeče zazálohujte pomocí Mozbackup: http://www.stahuj.centrum.cz/utility_a_ ... mozbackup/ , resp. ChromeBackup: http://www.stahuj.centrum.cz/internet_a ... me-backup/ . Pak oba prohlížeče odinstalujte vč. jejich profilů. Znovu nainstalujte a ze záloh nakopírujte pouze záložky a hesla.

Tak teď už je to v pořádku.
A jen pro zajímavost - ta černá okna, co mi vyskakovala, měla název - taskeng.exe. Jsme to zjistila, když se mi na chvilku zasekl pc a to okno se zrovna ukázalo.
A díky moc za všechno!

Někdy se musí prohlížeč přeinstalovat, nepomohou ani čistitče. Rádo se stalo!