VIRY.CZ

Log z hijackthis po skenu:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:02:34, on 20.6.2016
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v11.0 (11.00.9600.18347)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Users\WymleeSe\AppData\Local\Discord\app-0.0.291\Discord.exe
C:\Program Files (x86)\puush\puush.exe
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\WymleeSe\AppData\Local\Discord\app-0.0.291\Discord.exe
C:\Users\WymleeSe\AppData\Local\Discord\app-0.0.291\Discord.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Hj\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://un-stop.info/wpad.dat?59975a751b ... 7111941661
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Sound Blaster Cinema 2] "C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Super Charger] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Discord] C:\Users\WymleeSe\AppData\Local\Discord\app-0.0.291\Discord.exe
O4 - HKCU\..\Run: [puush] C:\Program Files (x86)\puush\puush.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 2540 series.lnk = ?
O4 - Global Startup: Killer Network Manager.lnk = C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Jatosydinodom Launcher (JtsLncs) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Killer Service V2 - Rivet Networks - C:\Program Files\Killer Networking\Network Manager\KillerService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe

--
End of file - 9908 bytes


Porhlížeč se mi pouští s jiným vyhledávačem většinou Safebrowsing.biz nebo i jiné. Často vyskakují reklamy.
Poprosil bych o pomoc

Přikládám ještě log z rsit:

http://puu.sh/pzSCB.txt

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v5.200 - Log vytvořen 21/06/2016 v 09:28:53
# Aktualizováno 14/06/2016 by ToolsLib
# Databáze : 2016-06-20.3 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : WymleeSe - WYMLEESE-PC
# Spuštěno z : C:\Users\WymleeSe\Desktop\adwcleaner_5.200.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****

[-] Složka Smazáno : C:\ProgramData\LuckyBrowse
[#] Složka Smazáno : C:\ProgramData\Application Data\LuckyBrowse
[-] Složka Smazáno : C:\Users\WymleeSe\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
[-] Složka Smazáno : C:\Users\WymleeSe\AppData\Roaming\SpringFiles

***** [ Soubory ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****

[-] Úloha Smazáno : LuckyBrowse

***** [ Registry ] *****

[-] Klíč Smazáno : HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klíč Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klíč Smazáno : HKCU\Software\WIN
[-] Klíč Smazáno : HKCU\Software\SrpnFiles
[-] Klíč Smazáno : HKLM\SOFTWARE\LuckyBrowse
[-] Klíč Smazáno : HKLM\SOFTWARE\SrpnFiles
[-] Klíč Smazáno : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{7C49DE6F-9DC1-4F36-9ED8-4BCB9C2D7EBC}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{C532FBEF-3C61-48DC-8833-E0F9B801E135}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{605A586C-CF5D-4602-8DCD-9A4E345F10A7}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{DE8C99D1-1739-4179-8BB4-4A770B216D91}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{1FCABA1A-6613-4499-A454-4584D4A39712}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{4E0E830A-C72D-46E3-AE8F-9C4B5F4D2B29}]

***** [ Prohlížeče ] *****


*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2494 bytů] - [21/06/2016 09:28:53]
C:\AdwCleaner\AdwCleaner[S1].txt - [2634 bytů] - [21/06/2016 09:26:26]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2640 bytů] ##########

Dejte nový log RSIT.

http://puu.sh/pAvsS.txt

moc dlouhé stále

Chtěl jsem RSIT: http://forum.viry.cz/viewtopic.php?f=13&t=130786 , nikoli ADWCleaner.

Ano měl jsem zkopírován log z rána, zeditoval jsem již

update:
Počítač jsem projel malware bytes, našlo mi to 8 hrozeb všechny sem smazal a přikládám nový log z RSIT

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hshhsaaaws"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Log je již OK.

Moc díky za pomoc, Vše se zdá v pořádku.

Rádo se stalo!