VIRY.CZ

Zdravím,... Už zhruba dva dny řeším, že se mi drasticky zpomalil na notebooku internet. Připojení mám od UPC 50 mb/s, u nich je prý vše v pořádku, navíc na starém pc internet naměří kolem 40mb, ale na tomhle se nedostanu nad 2 mb/s a je jedno jestli jsem připojený přez wifi nebo kabel. Na internetu jsem četl že je to kvůli windows 8.1 ale ten mám už nějakou dobu a problém registruji pouze poslední dny.
Projižděl jsem to antivirem spybotem, přečetl jsem už kde co a stále nemůžu a na nic přijít. Přikládám scan.

Předem děkuji za odpověď

Zdravim a pekny den preji
Vas log se studuje a pracuje se na nem .
Prosim o strpeni!

Odinstalujte Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Moc Děkuji za rychlou odpověď
posílám vysledky z JRT a jdu na druhý krok:)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Petr on so 10. 05. 2014 at 12:29:18,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3759913120-3322944388-1342903606-1002\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{89E9458C-2FDA-47BC-9CC1-211B2AFB4647}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}



~~~ Files

Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\adtrustmedia"
Successfully deleted: [Folder] "C:\ProgramData\wincert"
Successfully deleted: [Folder] "C:\Users\Petr\AppData\Roaming\opencandy"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 10. 05. 2014 at 12:43:45,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Toto jsou výsledky z AdwCleaneru:

# AdwCleaner v3.207 - Report created 10/05/2014 at 12:49:44
# Updated 05/05/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Petr - PIETRO
# Running from : C:\Users\Petr\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[#] Folder Deleted : C:\ProgramData\BitGuard
[#] Folder Deleted : C:\ProgramData\Browser Manager
[#] Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\SafetyNut
Folder Deleted : C:\Users\Petr\AppData\Roaming\BitLord
Folder Deleted : C:\Users\Petr\Documents\BitLord

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\SafetyNut
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\ProgramData\Wincert\WIN64C~1.DLL
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - (x86)\BROWSE~1\SAFETY~1\x64\SAFETY~2.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17037


-\\ Google Chrome v34.0.1847.131

[ File : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4841 octets] - [10/05/2014 12:46:35]
AdwCleaner[S0].txt - [4848 octets] - [10/05/2014 12:49:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4908 octets] ##########

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Hotovo tady jsou vysledky
nicméně rychlost připojení je stále kolem 2mb/s (((


Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Petr on so 10. 05. 2014 at 12:56:11,59.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Petr\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10. 5. 2014 13:02:08 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted
C:\Users\Public\sdelevURL.tmp deleted
C:\WINDOWS\wininit.ini deleted
"C:\Users\Petr\AppData\Local\LumaEmu" deleted
"C:\PROGRA~2\Browser Tab Search by Ask\SafetyNut\BrowserTabSearch\msb.dll" deleted
"C:\PROGRA~2\Browser Tab Search by Ask\SafetyNut\BrowserTabSearch\msbloader.exe" deleted
"C:\PROGRA~2\Browser Tab Search by Ask\SafetyNut\BrowserTabSearch\msbloader64.exe" deleted
"C:\Users\Petr\AppData\Roaming\rmi" deleted
"C:\PROGRA~2\Browser Tab Search by Ask" not deleted
"C:\PROGRA~2\Browser Tab Search by Ask\SafetyNut" not deleted
"C:\PROGRA~2\Browser Tab Search by Ask\SafetyNut\BrowserTabSearch" not deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"dpmaxz_ng@jetpack"="C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome" [09. 04. 2014 11:25]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ncffjdbbodifgldkcbhmiiljfcnbgjab - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx[21. 09. 2013 23:04]

Seznam Lištička - Slovník - Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Seznam Lištička - Rychlá volba - Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.bing.com?pc=CMNTDFJS"
"First Home Page"="http://www.bing.com?pc=CMNTDFJS"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"First Home Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... c=CMNTDFJS"
{072695B8-E4B8-4972-8DAF-E32CB538EBC5} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{3CE42DA8-3F2F-4677-A9D8-7C39DCE04D4B} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{5313B942-14C8-4F78-AEEA-C9DA63CF2C4C} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_13415"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{7D4BF40C-BCC9-446C-813C-A25556B487D3} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415"
{82DC6AB2-FB2E-4B6B-AC6C-D1B76BCEA930} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_13415"
{BF452900-5B71-44A8-9B8F-9BB90CFDA71F} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_13415"
{D082D3EC-F559-44D1-AD0D-17E0690FF90F} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_13415"
{EA0BB024-3002-4DD5-938B-2E792369551D} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_13415"

==== Reset Google Chrome ======================

C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=32 folders=29 23655594 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Petr\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Petr\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\Browser Tab Search by Ask" not found

==== EOF on so 10. 05. 2014 at 13:26:11,06 ======================

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

Mam windows 8.1 ,...combofix napiše pouze ComboFix is not meant to run in 'Comapatibility Mode' the program shall now exit ((

Jaj, moje chybka

Dejte tedy novy log z FRST

V pohodě moc děkuji za pomoc )))) posílám výseldky v příloze

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
  HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
  HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-02-07] (PDF Complete Inc)
  HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-11-21] (CyberLink)
  HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493088 2012-11-21] (CyberLink Corp.)
  HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [] => [X]
  HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
  HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
  HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\...\Run: [Browser Tab Search by Ask] => "C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\BrowserTabSearch\msbloader.exe"
  HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\...\Run: [Browser Tab Search by Askx64] => "C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\BrowserTabSearch\msbloader64.exe"
  HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
  HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
  HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
  HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\...\Run: [BitTorrent] => C:\Users\Petr\AppData\Roaming\BitTorrent\BitTorrent.exe [1236832 2014-04-23] (BitTorrent Inc.)
  HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\...\Run: [AdobeBridge] => [X]
  AppInit_DLLs: C:\Program Files => C:\Program Files [0 2014-05-06] ()
  IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
  
  SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CMNTDFJS
  SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CMNTDFJS
  SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=101&systemid=488&v=n11470-297&apn_uid=1042601951354189&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}
  
  2014-05-10 16:40 - 2014-05-10 16:41 - 05200347 _____ (Swearware) C:\Users\Petr\Downloads\ComboFix (1).exe
  2014-05-10 13:20 - 2014-05-10 12:55 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
  2014-05-10 13:01 - 2014-05-10 13:26 - 00007500 _____ () C:\zoek-results.log
  2014-05-10 12:55 - 2014-05-10 13:18 - 00000000 ____D () C:\zoek_backup
  2014-05-10 11:20 - 2014-05-10 11:31 - 00223713 _____ () C:\Users\Petr\Downloads\FRST.txt
  2014-05-10 11:22 - 2014-05-10 11:23 - 00049690 _____ () C:\Users\Petr\Downloads\Addition.txt
  2014-05-10 02:29 - 2014-05-10 02:31 - 11164411 _____ () C:\Users\Petr\Downloads\cc-setup.exe
  2014-05-10 00:16 - 2014-05-10 00:19 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Petr\Downloads\spybot-2.3.exe
  C:\Users\Petr\Downloads\ComboFix.exe
  C:\Program Files (x86)\Browser Tab Search by Ask
  
  Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\HPCeeScheduleForPetr.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
  Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  
  Hosts:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

tohle z toho vylezlo

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-05-2014
Ran by Petr at 2014-05-10 18:17:26 Run:1
Running from C:\Users\Petr\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-02-07] (PDF Complete Inc)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-11-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493088 2012-11-21] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\...\Run: [Browser Tab Search by Ask] => "C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\BrowserTabSearch\msbloader.exe"
HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\...\Run: [Browser Tab Search by Askx64] => "C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\BrowserTabSearch\msbloader64.exe"
HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\...\Run: [BitTorrent] => C:\Users\Petr\AppData\Roaming\BitTorrent\BitTorrent.exe [1236832 2014-04-23] (BitTorrent Inc.)
HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\...\Run: [AdobeBridge] => [X]
AppInit_DLLs: C:\Program Files => C:\Program Files [0 2014-05-06] ()
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}

2014-05-10 16:40 - 2014-05-10 16:41 - 05200347 _____ (Swearware) C:\Users\Petr\Downloads\ComboFix (1).exe
2014-05-10 13:20 - 2014-05-10 12:55 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-05-10 13:01 - 2014-05-10 13:26 - 00007500 _____ () C:\zoek-results.log
2014-05-10 12:55 - 2014-05-10 13:18 - 00000000 ____D () C:\zoek_backup
2014-05-10 11:20 - 2014-05-10 11:31 - 00223713 _____ () C:\Users\Petr\Downloads\FRST.txt
2014-05-10 11:22 - 2014-05-10 11:23 - 00049690 _____ () C:\Users\Petr\Downloads\Addition.txt
2014-05-10 02:29 - 2014-05-10 02:31 - 11164411 _____ () C:\Users\Petr\Downloads\cc-setup.exe
2014-05-10 00:16 - 2014-05-10 00:19 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Petr\Downloads\spybot-2.3.exe
C:\Users\Petr\Downloads\ComboFix.exe
C:\Program Files (x86)\Browser Tab Search by Ask

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForPetr.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

Hosts:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Zune Launcher => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\PDF Complete => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\CLMLServer_For_P2G8 => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\CLVirtualDrive => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => Value deleted successfully.
HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Browser Tab Search by Ask => Value deleted successfully.
HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Browser Tab Search by Askx64 => Value deleted successfully.
HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => Value deleted successfully.
HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => Value deleted successfully.
HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\Software\Microsoft\Windows\CurrentVersion\Run\\BitTorrent => Value deleted successfully.
HKU\S-1-5-21-3759913120-3322944388-1342903606-1002\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => Value deleted successfully.
"C:\Program Files" => Value Data removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rjatydimofu.exe => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} => Key not found.
C:\Users\Petr\Downloads\ComboFix (1).exe => Moved successfully.
C:\WINDOWS\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Petr\Downloads\FRST.txt => Moved successfully.
C:\Users\Petr\Downloads\Addition.txt => Moved successfully.
C:\Users\Petr\Downloads\cc-setup.exe => Moved successfully.
C:\Users\Petr\Downloads\spybot-2.3.exe => Moved successfully.
"C:\Users\Petr\Downloads\ComboFix.exe" => File/Directory not found.
"C:\Program Files (x86)\Browser Tab Search by Ask" => File/Directory not found.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\HPCeeScheduleForPetr.job => Moved successfully.
C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Napiste co PC

Hotovo,.... stale ale když měřím rychlost internetu se nadostanu výše jak 3-4 Mb/s,....(