VIRY.CZ

Porosím o kontrolu

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

provedeno

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-12.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-18-2018
# Duration: 00:01:58
# OS: Windows 8.1 Connected
# Cleaned: 71
# Failed: 1

***** [ Services ] *****

Deleted WCAssistantService

***** [ Folders ] *****

Deleted C:\ProgramData\Pokki
Deleted C:\Users\Public\Pokki
Deleted C:\Users\Vláďa Jindřich\AppData\Local\Pokki
Deleted C:\Program Files\Booking.com
Deleted C:\Users\Vláďa Jindřich\AppData\LocalLow\Tbccint
Deleted C:\Users\Vláďa Jindřich\AppData\Local\SweetLabs App Platform
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion

***** [ Files ] *****

Deleted C:\Users\Vláďa Jindřich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
Deleted C:\Users\Vláďa Jindřich\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free YouTube Downloader.lnk
Deleted C:\Users\Vláďa Jindřich\Favorites\Booking.com.url
Deleted C:\Users\Vláďa Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\2lwv32hy.default\searchplugins\securesearch.xml
Deleted C:\Windows\System32\LavasoftTcpService64.dll
Deleted C:\Windows\System32\LavasoftTcpServiceOff.ini
Deleted C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
Deleted C:\Windows\SysWOW64\lavasofttcpservice.dll
Deleted C:\END
Deleted C:\Users\Vláďa Jindřich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\SweetLabs App Platform

***** [ Registry ] *****

Deleted HKCU\Software\SweetLabs App Platform
Deleted HKCU\Software\Classes\lnkfile\shell\pokki
Deleted HKCU\Software\Classes\Drive\shell\pokki
Deleted HKCU\Software\Classes\Directory\shell\pokki
Deleted HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Deleted HKCU\Software\Classes\pokki
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM3
Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKCU\Software\AppDataLow\Software\TbccintSearchScopes
Deleted HKCU\Software\AppDataLow\Software\Tbccint
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKCU\Software\AppDataLow\Software\Smartbar
Deleted HKCU\Software\Appscion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Deleted HKLM\Software\Wow6432Node\Classes\AppID\OverlayIcon.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
Deleted HKLM\Software\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
Deleted HKLM\Software\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted HKLM\Software\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Deleted HKLM\Software\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDAB0711-164D-413B-9750-06BDC7DAF6EB}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SweetLabs App Platform
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\AppDataLow\Toolbar
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKLM\Software\Wow6432Node\Classes\AppID\LavasoftTcpService.exe
Deleted HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted HKLM\Software\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted nemocnice-vs.cz

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Not Deleted api.bing.com

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [7875 octets] - [18/10/2018 13:25:16]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Dejte nový log FRST.

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
SearchScopes: HKU\S-1-5-21-2935905808-1350214744-1915146757-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2935905808-1350214744-1915146757-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2935905808-1350214744-1915146757-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
C:\Windows\System32\Tasks\{A4BA7CC1-C01E-4DE1-9E26-C8365E5E2AA1}
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Vláďa Jindřich\AppData\Local\Temp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
Task: {66741BFC-C503-4D54-9E60-BA8E4D78D072} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {B11FDFCD-3EF1-4E41-A515-1170A8FD9A0F} - System32\Tasks\{A4BA7CC1-C01E-4DE1-9E26-C8365E5E2AA1} => C:\Windows\system32\pcalua.exe -a "C:\Users\Vláďa Jindřich\Desktop\Age of Empires 2 + Conquerors [CZ]\aoe2\SETUPREG.EXE" -d "C:\Users\Vláďa Jindřich\Desktop\Age of Empires 2 + Conquerors [CZ]\aoe2"
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION
Task: {CC3DBB46-43E0-4147-85FC-57EA940FA94B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION

EmptyTemp:
End

Uložte do C:\Users\Vláďa Jindřich\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Potřebuji vidět obsah souboru fixlog.txt. Měl by být v C:\Users\Vláďa Jindřich\Downloads.

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by Vláďa Jindřich (18-10-2018 16:59:11) Run:1
Running from C:\Users\Vláďa Jindřich\Downloads
Loaded Profiles: Vláďa Jindřich (Available Profiles: Vláďa Jindřich)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
SearchScopes: HKU\S-1-5-21-2935905808-1350214744-1915146757-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2935905808-1350214744-1915146757-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2935905808-1350214744-1915146757-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
C:\Windows\System32\Tasks\{A4BA7CC1-C01E-4DE1-9E26-C8365E5E2AA1}
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Vláďa Jindřich\AppData\Local\Temp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
Task: {66741BFC-C503-4D54-9E60-BA8E4D78D072} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {B11FDFCD-3EF1-4E41-A515-1170A8FD9A0F} - System32\Tasks\{A4BA7CC1-C01E-4DE1-9E26-C8365E5E2AA1} => C:\Windows\system32\pcalua.exe -a "C:\Users\Vláďa Jindřich\Desktop\Age of Empires 2 + Conquerors [CZ]\aoe2\SETUPREG.EXE" -d "C:\Users\Vláďa Jindřich\Desktop\Age of Empires 2 + Conquerors [CZ]\aoe2"
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION
Task: {CC3DBB46-43E0-4147-85FC-57EA940FA94B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-2935905808-1350214744-1915146757-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2935905808-1350214744-1915146757-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKU\S-1-5-21-2935905808-1350214744-1915146757-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} => removed successfully
HKLM\Software\Classes\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} => not found
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully
C:\Windows\System32\Tasks\{A4BA7CC1-C01E-4DE1-9E26-C8365E5E2AA1} => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Users\Vláďa Jindřich\AppData\Local\Temp => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D8A891D-890C-4808-84D8-2F436AB14653}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D8A891D-890C-4808-84D8-2F436AB14653}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1274336E-AB06-46B6-A48C-0671C5557CC6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1274336E-AB06-46B6-A48C-0671C5557CC6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Maintenance Configurator" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1687544D-7247-4F5A-965A-A6E920E55278}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1687544D-7247-4F5A-965A-A6E920E55278}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Manual Maintenance" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{66741BFC-C503-4D54-9E60-BA8E4D78D072}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66741BFC-C503-4D54-9E60-BA8E4D78D072}" => removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F02587F-8A2B-4552-97F6-DEEF229E335B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F02587F-8A2B-4552-97F6-DEEF229E335B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Idle Maintenance" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B11FDFCD-3EF1-4E41-A515-1170A8FD9A0F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B11FDFCD-3EF1-4E41-A515-1170A8FD9A0F}" => removed successfully
"C:\Windows\System32\Tasks\{A4BA7CC1-C01E-4DE1-9E26-C8365E5E2AA1}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A4BA7CC1-C01E-4DE1-9E26-C8365E5E2AA1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7992938-01F1-4F40-A0EC-0D23D2F0F152}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7992938-01F1-4F40-A0EC-0D23D2F0F152}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Regular Maintenance" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CC3DBB46-43E0-4147-85FC-57EA940FA94B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC3DBB46-43E0-4147-85FC-57EA940FA94B}" => removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFD7C21A-808B-487B-A6EC-8A10E44E8360}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFD7C21A-808B-487B-A6EC-8A10E44E8360}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SettingSync\BackupTask" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6364816 B
Java, Flash, Steam htmlcache => 1427 B
Windows/system/drivers => 775954082 B
Edge => 0 B
Chrome => 578880994 B
Firefox => 1263463050 B
Opera => 31539382 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 1654836 B
NetworkService => 18282 B
Vláďa Jindřich => 177147823 B

RecycleBin => 7592501247 B
EmptyTemp: => 9.7 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 17:07:50 ====

OK. Nastala nějaká změna?

co se tyce systemu, tak zmena k lepsimu nastala ... co se tyce nacitani stranek, tak problem stale pretrvava a to predevsim u nacitani stranek typu youtube, sledovani tv atd. ( objevi se hlaska, ze "tato stranka zpomaluje prohlizec ...", pouzivam MozilluFirefox )

Zkusíme ještě vyčistit prohlížeče. Spusťte postupně tyto utility:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... [oz]=8.1.0
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

ZOEK REPORT

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Vl Ôa Jindýich on źt 18. 10. 2018 at 20:40:04,08.
Microsoft Windows 8.1 s aplikací Bing 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\VLAJIN~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

18. 10. 2018 20:49:37 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Program Files\Common Files\AV deleted successfully
C:\Users\VLAJIN~1\AppData\Local\Adobe deleted successfully
C:\Users\VLAJIN~1\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\VLAJIN~1\AppData\Local\EmieSiteList deleted successfully
C:\Users\VLAJIN~1\AppData\Local\EmieUserList deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\VLAJIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\2lwv32hy.default\prefs.js:
user_pref("browser.startup.homepage", "google.com");
user_pref("browser.newtab.url", "https://search.yahoo.com/yhs/web?hspart ... 1123__yaff");
user_pref("browser.search.defaultenginename", "Ad-Aware SecureSearch");
user_pref("browser.search.selectedEngine", "Ad-Aware SecureSearch");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\VLAJIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\2lwv32hy.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\VLAJIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\2lwv32hy.default

user.js not found
---- Lines CT3329621 removed from prefs.js ----
user_pref("CT3329621.dum", "2");
user_pref("CT3329621.fullUserID", "UN29022901952567117.IN.20150101110524");
user_pref("CT3329621.installerVersion", "1.11.0.11");
user_pref("CT3329621.toolbarInstallDate", "01-01-2015 11:05:25");
user_pref("CT3329621.UserID", "UN29022901952567117");
user_pref("CT3329621.versionFromInstaller", "10.35.0.3");
user_pref("CT3329621.xpeMode", "1");
---- Lines yahoo removed from prefs.js ----
user_pref("browser.newtabpage.url", "https://search.yahoo.com/yhs/web?hspart ... FYD_161123__
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"sendToDevice
---- Lines searches removed from prefs.js ----
user_pref("browser.urlbar.suggest.searches", false);
---- Lines smartbar removed from prefs.js ----
user_pref("smartbar.machineId", "NPAID/HBHX4FJXHOSZRT3399CC0HWU2ACSRWZ8ESBL7ORBKMXY8+JSN0SHV25WEK8RN/DVVZQYL9YR8VN6JO0W");
---- FireFox user.js and prefs.js backups ----

prefs_201818.10._2235_.backup

==== Deleting Files \ Folders ======================

C:\windows\SysNative\Tasks\Software Update Application deleted
C:\PROGRA~2\Lavasoft\Web Companion deleted
C:\PROGRA~3\Lavasoft\Web Companion deleted
C:\PROGRA~3\{69533018-33A8-4C46-869A-11AA2CDF4EDC} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Default\AppData\Local\Pokki deleted
C:\Users\VLAJIN~1\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\Tasks\AvastUpdateTaskMachineCore deleted
C:\windows\SysNative\Tasks\AvastUpdateTaskMachineUA deleted
C:\Users\VLAJIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\2lwv32hy.default\CT3329621 deleted
"C:\Windows\Installer\91a56.msi" deleted
"C:\Users\VLAJIN~1\AppData\Local\AVAST Software\APM\Vláďa JindřichFfl2.dat" deleted
"C:\Users\VLAJIN~1\AppData\Local\AVAST Software" not deleted
"C:\Users\VLAJIN~1\AppData\Local\AVAST Software\APM" not deleted
"C:\Users\VLAJIN~1\AppData\Local\AVAST Software\APM\Vláďa Jindřich" deleted

==== Orphaned Tasks deleted from Registry ======================

AvastUpdateTaskMachineCore deleted
AvastUpdateTaskMachineUA deleted
Software Update Application deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\VLAJIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\2lwv32hy.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\VLAJIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\2lwv32hy.default
- __MSG_avastAppName__ - %ProfilePath%\extensions\sp@avast.com.xpi
- Avast Online Security - %ProfilePath%\extensions\wrc@avast.com.xpi
- short_ __MSG_name__ - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==== Firefox Plugins ======================

==== Chromium Look ======================

Google Chrome Version: 69.0.3497.100
Opera Browser Version: 55.0.2994.44
Opera Browser Version: 55.0.2994.61
Opera Browser Version: 56.0.3051.36
Opera Browser Version: 56.0.3051.43
Opera Browser Version: 56.0.3051.52

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
daanglpcpkjjlkhcbladppjphglbigam - No path found[]

Avast Online Security (BETA) - VLAJIN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam
Avast Online Security - VLAJIN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Chrome Media Router - VLAJIN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC

==== Reset Google Chrome ======================

C:\Users\VLAJIN~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\VLAJIN~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\VLAJIN~1\Appdata\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\VLAJIN~1\Appdata\Roaming\Opera Software\Opera Stable\Preferences.backup was reset successfully
C:\Users\VLAJIN~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\VLAJIN~1\AppData\Local\Google\Chrome\User Data\Default\Web Data copy was reset successfully
C:\Users\VLAJIN~1\AppData\Local\Google\Chrome\User Data\Default\Web Data.tmp was reset successfully
C:\Users\VLAJIN~1\Appdata\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\02F6486B12843E11F869800002C0A966 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{13709cc9-f8af-4eb6-9033-f7612f54d097} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B6846F20-4821-11E3-8F96-0800200C9A66} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\02F6486B12843E11F869800002C0A966 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\VLAJIN~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\VLAJIN~1\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\VLAJIN~1\AppData\Local\Mozilla\Firefox\Profiles\2lwv32hy.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\VLAJIN~1\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\VLAJIN~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1395 folders=690 329630213 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\VLAJIN~1\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\VLAJIN~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\VLAJIN~1\AppData\Local\AVAST Software" not found

==== EOF on źt 18. 10. 2018 at 23:57:33,58 ======================

JRT REPORT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 8.1 Connected x64
Ran by Vl Ôa Jindýich (Administrator) on p 19. 10. 2018 at 8:45:57,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 2

Successfully deleted: C:\Users\Vl Ôa Jindýich\AppData\Roaming\lavasoft\web companion (Folder)
Successfully deleted: C:\Program Files (x86)\ytd (Folder)

Deleted the following from C:\Users\Vl Ôa Jindýich\AppData\Roaming\Mozilla\Firefox\Profiles\2lwv32hy.default\prefs.js
user_pref(browser.urlbar.suggest.searches, false);

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 19. 10. 2018 at 9:08:58,94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

OK. Změnilo se něco po zásahu Zoek a Junkware?

bohuzel, zadna zretelna zmena neprobehla

VIRY.CZ

kontrola logu, zpomalený internet a systém

kontrola logu, zpomalený internet a systém

Re: kontrola logu, zpomalený internet a systém

Re: kontrola logu, zpomalený internet a systém

Re: kontrola logu, zpomalený internet a systém

Re: kontrola logu, zpomalený internet a systém

Re: kontrola logu, zpomalený internet a systém

Re: kontrola logu, zpomalený internet a systém

Re: kontrola logu, zpomalený internet a systém

Re: kontrola logu, zpomalený internet a systém

Re: kontrola logu, zpomalený internet a systém

Re: kontrola logu, zpomalený internet a systém

Re: kontrola logu, zpomalený internet a systém

Re: kontrola logu, zpomalený internet a systém

Re: kontrola logu, zpomalený internet a systém

Re: kontrola logu, zpomalený internet a systém