vyskakovací okna, otvírání nechtěných web. stránek

[baraba1]

Bohuzel.Stale stejne.Stale skacou nevyzadane stranky a nejvic nejaky program PC repair

[Rudy]

Udělejte následující skeny:

1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

[baraba1]

ZOEK
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by acer on po 07.03.2016 at 21:36:38,53.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\acer\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

7.3.2016 21:38:21 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\SearchYa! deleted successfully
C:\PROGRA~2\Sykpe deleted successfully
C:\PROGRA~2\COMMON~1\DivX Shared deleted successfully
C:\PROGRA~3\ac852925-00f3-0 deleted successfully
C:\PROGRA~3\ac852925-69b7-0 deleted successfully
C:\PROGRA~3\Boss Media deleted successfully
C:\Users\acer\AppData\Roaming\Media Player Classic deleted successfully
C:\Users\acer\AppData\Roaming\TP deleted successfully
C:\Users\acer\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\acer\AppData\Local\Boss Media deleted successfully
C:\Users\acer\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\acer\AppData\Local\EmieSiteList deleted successfully
C:\Users\acer\AppData\Local\EmieUserList deleted successfully
C:\Users\acer\AppData\Local\Skype deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1511965271-861068654-1920961887-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-1511965271-861068654-1920961887-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-1511965271-861068654-1920961887-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_USERS\S-1-5-21-1511965271-861068654-1920961887-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ibupdaterservice deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ibupdaterservice deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\relevantknowledge deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\relevantknowledge deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\26vpf41l.default\prefs.js:
user_pref("backup.old.browser.startup.homepage", "http://cs.start3.mozilla.com/firefox?cl ... s:official");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "http://www.google.cz/");
user_pref("browser.startup.homepage", "");
user_pref("browser.search.defaulturl", "");
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Heuréka");
user_pref("backup.old.browser.search.selectedEngine", "Google");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Heuréka");
user_pref("sweetim.toolbar.previous.keyword.URL", "http://search.icq.com/search/afe_result ... r=1.1.9&q=");
user_pref("browser.search.useDBForOrder", "false");

Added to C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\26vpf41l.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\26vpf41l.default

---- Lines searchya removed from prefs.js ----
user_pref("extensions.searchya.aflt", "foxtab");
user_pref("extensions.searchya.autoRvrt", false);
user_pref("extensions.searchya.cntry", "CZ");
user_pref("extensions.searchya.dfltLng", "");
user_pref("extensions.searchya.dfltlng", "en");
user_pref("extensions.searchya.dfltSrch", true);
user_pref("extensions.searchya.dfltsrch", true);
user_pref("extensions.searchya.dnsErr", true);
user_pref("extensions.searchya.envrmnt", "production");
user_pref("extensions.searchya.excTlbr", false);
user_pref("extensions.searchya.hdrMd5", "C36537FB1EF1B36F105B28539D3B3878");
user_pref("extensions.searchya.hmpg", true);
user_pref("extensions.searchya.hmpgUrl", "http://www.searchya.com/?s=0&a=foxtab&c ... CzytN0D0Tz
user_pref("extensions.searchya.hrdid", "E89A8FB368847369");
user_pref("extensions.searchya.id", "E89A8FB368847369");
user_pref("extensions.searchya.instlday", "15554");
user_pref("extensions.searchya.instlDay", "15554");
user_pref("extensions.searchya.instlref", "tc-100");
user_pref("extensions.searchya.instlRef", "tc-100");
user_pref("extensions.searchya.isDcmntCmplt", false);
user_pref("extensions.searchya.isdcmntcmplt", true);
user_pref("extensions.searchya.keywordurl", "");
user_pref("extensions.searchya.lastVrsnTs", "1.5.20.018:52:9");
user_pref("extensions.searchya.mntrvrsn", "1.3.0");
user_pref("extensions.searchya.newTab", true);
user_pref("extensions.searchya.newtab", true);
user_pref("extensions.searchya.newTabUrl", "http://www.searchya.com/?s=2&a=foxtab&c ... AyCzytN0D0
user_pref("extensions.searchya.newtaburl", "http://www.searchya.com/?s=2&a=foxtab&c ... AyCzytN0D0
user_pref("extensions.searchya.prdct", "searchya");
user_pref("extensions.searchya.propectorlck", 107106998);
user_pref("extensions.searchya.prtnrId", "searchya");
user_pref("extensions.searchya.prtnrid", "searchya");
user_pref("extensions.searchya.sg", "none");
user_pref("extensions.searchya.smplgrp", "none");
user_pref("extensions.searchya.smplGrp", "none");
user_pref("extensions.searchya.srch", "");
user_pref("extensions.searchya.srchPrvdr", "Search");
user_pref("extensions.searchya.srchprvdr", "Search");
user_pref("extensions.searchya.tlbrid", "base");
user_pref("extensions.searchya.tlbrId", "base");
user_pref("extensions.searchya.tlbrsrchurl", "http://www.searchya.com/?s=3&a=foxtab&c ... BtAyCzytN0
user_pref("extensions.searchya.tlbrSrchUrl", "http://www.searchya.com/?s=3&a=foxtab&c ... BtAyCzytN0
user_pref("extensions.searchya.vrsn", "1.5.20.0");
user_pref("extensions.searchya.vrsni", "1.5.20.0");
user_pref("extensions.searchya.vrsnTs", "1.5.20.018:52:9");
user_pref("extensions.searchya.vrsnts", "1.5.20.018:52:9");
user_pref("extensions.searchya_i.newTab", true);
user_pref("extensions.searchya_i.smplGrp", "none");
user_pref("extensions.searchya_i.vrsnTs", "1.5.20.018:52:9");
user_pref("extensions.xpiState", "{\"app-profile\":{\"ffxtlbr@searchya.com\":{\"d\":\"C:\\\\Users\\\\acer\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\
---- Lines searchya modified from prefs.js ----

user_pref("extensions.enabledAddons", "ffxtlbr%40searchya.com:1.5.0,%7B5ebdca98-43b3-45bb-87e0-716029fb42ab%7D:9.5.3,%7Bf15bff6b-a869-4516-bf6b-589ff3
---- Lines searchya removed from user.js ----

user_pref("extensions.searchya.hmpg", true);
user_pref("extensions.searchya.hmpgUrl", "http://www.searchya.com/?s=0&a=foxtab&c ... =371229949");
user_pref("extensions.searchya.dfltSrch", true);
user_pref("extensions.searchya.srchPrvdr", "Search");
user_pref("extensions.searchya.dnsErr", true);
user_pref("extensions.searchya_i.newTab", true);
user_pref("extensions.searchya.newTabUrl", "http://www.searchya.com/?s=2&a=foxtab&c ... =371229949");
user_pref("extensions.searchya.tlbrSrchUrl", "http://www.searchya.com/?s=3&a=foxtab&c ... 1229949&q=");
user_pref("extensions.searchya.id", "E89A8FB368847369");
user_pref("extensions.searchya.instlDay", "15554");
user_pref("extensions.searchya.vrsn", "1.5.20.0");
user_pref("extensions.searchya.vrsni", "1.5.20.0");
user_pref("extensions.searchya_i.vrsnTs", "1.5.20.018:52:9");
user_pref("extensions.searchya.prtnrId", "searchya");
user_pref("extensions.searchya.prdct", "searchya");
user_pref("extensions.searchya.aflt", "foxtab");
user_pref("extensions.searchya_i.smplGrp", "none");
user_pref("extensions.searchya.tlbrId", "base");
user_pref("extensions.searchya.instlRef", "tc-100");
user_pref("extensions.searchya.dfltLng", "");
user_pref("extensions.searchya.excTlbr", false);
user_pref("extensions.searchya.autoRvrt", false);
user_pref("extensions.searchya.envrmnt", "production");
user_pref("extensions.searchya.isdcmntcmplt", true);
user_pref("extensions.searchya.mntrvrsn", "1.3.0");

---- Lines Steel Cut removed from prefs.js ----
user_pref("extensions.Steel Cut.asul", "1445004728924");
user_pref("extensions.Steel Cut.aul", "1445004714515");
user_pref("extensions.Steel Cut.irl", true);
user_pref("extensions.Steel Cut.is", "IM27lsCZ");
user_pref("extensions.Steel Cut.ug", "D8320EF7-91CE-4A07-BBF5-3FF2194010B4");
---- Lines nspdl removed from prefs.js ----
user_pref("extensions.nspdl.data.activeDate", "20151015");
user_pref("extensions.nspdl.data.aliveDate", "20151015");
user_pref("extensions.nspdl.data.cc", "cz");
user_pref("extensions.nspdl.data.configDate", "20151015");
user_pref("extensions.nspdl.data.instlDate", "20131009");
user_pref("extensions.nspdl.data.u0311", "1");
user_pref("extensions.nspdl.data.u0316", "1");
user_pref("extensions.nspdl.data.u0327", "1");
user_pref("extensions.nspdl.general.content", "favorites-b416293cfb42392e031e53840178957b");
user_pref("extensions.nspdl.general.firstRun", false);
user_pref("extensions.nspdl.general.guid", "4e529242-fc6b-4ce1-91d9-9a5c7beaca58");
user_pref("extensions.nspdl.general.version", "9.5.3");
---- Lines 5ebdca98-43b3-45bb-87e0-716029fb42ab modified from prefs.js ----

user_pref("extensions.enabledAddons", "ffxtlbr%40disabled.com:1.5.0,%7B5ebdca98-43b3-45bb-87e0-716029fb42ab%7D:9.5.3,%7Bf15bff6b-a869-4516-bf6b-589ff3
---- Lines searches removed from prefs.js ----
user_pref("icqtoolbar.numberOfSearches", 0);
---- Lines mysearch removed from prefs.js ----
user_pref("sweetim.toolbar.urls.homepage", "http://mysearch.sweetpacks.com/?src=10& ... Il1wN95L00
---- FireFox user.js and prefs.js backups ----

user_07.03.2016_2158_.backup
prefs_07.03.2016_2158_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\SearchYa! not found
C:\PROGRA~2\Sykpe not found
C:\PROGRA~3\DivX deleted
C:\PROGRA~2\sweetpacks bundle uninstaller_SweetPlayer_1348381 deleted
C:\PROGRA~2\ICQ6Toolbar deleted
C:\PROGRA~2\SweetPlayer deleted
C:\Users\acer\AppData\Roaming\RHEng deleted
C:\Users\acer\AppData\Roaming\msxml4.dll deleted
C:\Users\acer\AppData\Roaming\msxml4a.dll deleted
C:\Users\acer\AppData\Roaming\msxml4r.dll deleted
C:\Users\acer\AppData\Roaming\OpenCandy deleted
C:\PROGRA~3\Ask deleted
C:\PROGRA~3\ICQ deleted
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\acer\AppData\Local\speeddial.crx deleted
C:\Users\acer\AppData\Local\Software deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPlayer deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge deleted
C:\Users\acer\Downloads\ReimageRepair.exe deleted
C:\Users\acer\AppData\LocalLow\SkwConfig.bin deleted
C:\Windows\Reimage.ini deleted
C:\Windows\wininit.ini deleted
C:\windows\SysNative\drivers\{16639074-5f95-4d8e-b6d1-74ba7cd0c9d9}Gw64.sys deleted
C:\windows\SysNative\drivers\{c9f54c4b-aee6-4718-be37-986ac8510887}Gw64.sys deleted
C:\windows\SysNative\drivers\{f15bff6b-a869-4516-bf6b-589ff320de09}Gw64.sys deleted
C:\Windows\SysNative\rlls64.dll deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\Syswow64\jmdp deleted
C:\Windows\Syswow64\ARFC deleted
C:\Windows\Syswow64\WNLT deleted
C:\Windows\Syswow64\rlls.dll deleted
C:\Windows\Syswow64\sho582B.tmp deleted
C:\Windows\Syswow64\sho85CD.tmp deleted
C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\26vpf41l.default\ICQToolbarData deleted
C:\Users\Public\Desktop\SweetPlayer.lnk deleted
C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\26vpf41l.default\nspdl deleted
"C:\Windows\Installer\dfac11.msi" deleted
"C:\Windows\Installer\dfac11.msi" deleted
"C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\26vpf41l.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi" deleted
"C:\windows\SysNative\dmwu.exe" deleted
"C:\Programdata\Windows\msxx.dat" deleted
"C:\Programdata\Windows\vvve.dat" deleted
"C:\Programdata\Windows\wjdj.dat" deleted
"C:\Windows\Syswow64\mjcm\dnkt.exe" deleted
"C:\Windows\Syswow64\mjcm\ImHttpComm.dll" deleted
"C:\Windows\Syswow64\mjcm\msvcp100.dll" deleted
"C:\Windows\Syswow64\mjcm\msvcr100.dll" deleted
"C:\windows\SysNative\tprb\dnkt.exe" deleted
"C:\windows\SysNative\tprb\ImHttpComm.dll" deleted
"C:\windows\SysNative\tprb\msvcp100.dll" deleted
"C:\windows\SysNative\tprb\msvcr100.dll" not deleted
"C:\Windows\Syswow64\mjcm\5154\ImHttpComm.dll" deleted
"C:\Windows\Syswow64\mjcm\5154\msvcp100.dll" deleted
"C:\Windows\Syswow64\mjcm\5154\msvcr100.dll" not deleted
"C:\Windows\Syswow64\mjcm\5154\nsib.dll" deleted
"C:\windows\SysNative\tprb\5154\ImHttpComm.dll" deleted
"C:\windows\SysNative\tprb\5154\msvcp100.dll" deleted
"C:\windows\SysNative\tprb\5154\msvcr100.dll" not deleted
"C:\windows\SysNative\tprb\5154\nsib.dll" deleted
"C:\Programdata\Windows" deleted
"C:\Windows\Syswow64\mjcm" not deleted
"C:\windows\SysNative\tprb" not deleted
"C:\Windows\Syswow64\mjcm\5154" not deleted
"C:\windows\SysNative\tprb\5154" not deleted

==== Orphaned Tasks deleted from Registry ======================

clear.fiMovieService.exe_1750260402 deleted
{B919E568-7FC5-47D4-9EE6-457C9A867A75} deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\26vpf41l.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{0153E448-190B-4987-BDE1-F256CADA672F}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [23.08.2012 14:42]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\26vpf41l.default
E32771B0AE3F18CEFFC12D682025238A - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)
555E65306A5D3A5978BE74E1DD62CDD9 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cjpglkicenollcignonpgiafdgfeehoj - C:\Users\acer\AppData\Local\speeddial.crx[]
jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[23.08.2012 14:42]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
cjpglkicenollcignonpgiafdgfeehoj - C:\Users\acer\AppData\Local\speeddial.crx[]

==== Chromium Fix ======================

C:\Users\acer\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_nps.pastaleads.com_0.localstorage deleted successfully
C:\Users\acer\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_nps.pastaleads.com_0.localstorage-journal deleted successfully
C:\Users\acer\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage deleted successfully
C:\Users\acer\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02

==== Reset Google Chrome ======================

C:\Users\acer\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\acer\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\acer\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5EC33E4FBA7A86F47A7E0FAA48FED2E9 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3F5700A1-5116-4BAA-9AD8-3FB238BE9334}_is1 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5EC33E4FBA7A86F47A7E0FAA48FED2E9 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IM01F6VP will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\acer\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=942 folders=330 340050972 bytes)

==== Empty Temp Folders ======================

C:\Users\acer\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\acer\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\windows\SysNative\tprb\msvcr100.dll" deleted
"C:\Windows\Syswow64\mjcm\5154\msvcr100.dll" not found
"C:\windows\SysNative\tprb\5154\msvcr100.dll" deleted
"C:\windows\SysNative\dmwu.exesearch" deleted
"C:\Windows\Syswow64\mjcm" not found
"C:\windows\SysNative\tprb" deleted
"C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IM01F6VP" deleted

==== EOF on po 07.03.2016 at 22:21:10,16 ======================

[baraba1]

JRT exe mi nejde spustit
Pise to není platna aplikace WIN32

[Rudy]

I tak. Změnilo se něco teď?

[baraba1]

Bohuzel stále stejne

[Rudy]

Udělejte ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic neamžte.

[baraba1]

provedu
dekuji

[Rudy]

OK.

[baraba1]

alwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 8.3.2016
Čas skenování: 18:18
Protokol: anti-malaware.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.03.08.05
Databáze rootkitů: v2016.02.27.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: acer

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 361018
Uplynulý čas: 34 min, 32 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 38
PUP.Optional.ColorMedia, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\GamesAppIntegrationService, , [fe572c5933661125bcf67f455aa88080],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\Toolbar3.SWEETIE, , [ce875e271584f541004174218a789b65],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\Toolbar3.SWEETIE.1, , [2134ef965e3b4aece35ed9bcf30fc739],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar3.SWEETIE, , [2134ef965e3b4aece35ed9bcf30fc739],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar3.SWEETIE.1, , [2134ef965e3b4aece35ed9bcf30fc739],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Toolbar3.SWEETIE, , [2134ef965e3b4aece35ed9bcf30fc739],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Toolbar3.SWEETIE.1, , [2134ef965e3b4aece35ed9bcf30fc739],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\SWEETIE.IEToolbar, , [d77e5b2a6d2cd363062518a2966cc53b],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\SWEETIE.IEToolbar.1, , [9fb6632243567abc909b467460a2b749],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SWEETIE.IEToolbar, , [9fb6632243567abc909b467460a2b749],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SWEETIE.IEToolbar.1, , [9fb6632243567abc909b467460a2b749],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\WOW6432NODE\SWEETIE.IEToolbar, , [9fb6632243567abc909b467460a2b749],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\WOW6432NODE\SWEETIE.IEToolbar.1, , [9fb6632243567abc909b467460a2b749],
PUP.Optional.SweetIM, HKLM\SOFTWARE\SweetIM, , [183d850072270f27a39b45de7b89a759],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\SweetIM_URLSearchHook.ToolbarURLSearchHook, , [60f5d9ac0693d75fc57147dca65ec43c],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\SweetIM_URLSearchHook.ToolbarURLSearchHook.1, , [4d08e0a532675dd9ab8b889bdf25d729],
PUP.Optional.DNSUnlocker, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, , [d77e4d38f5a484b27d2bd0a2eb1918e8],
PUP.Optional.DNSUnlocker.BrwsrFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E1527582-8509-4011-B922-29E3FB548882}_is1, , [30257a0b5841bd7921d18df040c4e41c],
PUP.Optional.InstallBrain, HKLM\SOFTWARE\WNLT, , [470e01844a4f4de95c947295bf4545bb],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\SweetIM, , [4d08acd920794cea9ba3db48b74dd828],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SweetIM_URLSearchHook.ToolbarURLSearchHook, , [64f19de880193df9f24455ce92727a86],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SweetIM_URLSearchHook.ToolbarURLSearchHook.1, , [490c64216534fe3848ee3ae9d331d12f],
PUP.Optional.DNSUnlocker, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, , [ce87d2b36c2d78be6345660c976d7b85],
PUP.Optional.RelevantKnowledge, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\rlvknlg_RASAPI32, , [173eea9b49505dd9080fd13fac5711ef],
PUP.Optional.RelevantKnowledge, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\rlvknlg_RASMANCS, , [ce871075e3b6d26424f31df30df68c74],
PUP.Optional.DNSUnlocker.BrwsrFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E1527582-8509-4011-B922-29E3FB548882}_is1, , [b79e92f3a1f8b87e1225601d7d8740c0],
PUP.Optional.DNSUnlocker.EncJob, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7E9446CA}, , [d0858bfa6435cc6a20616a140004916f],
PUP.Optional.RegCleanPro, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\RegClean Pro, , [7cd92a5b1287fc3a29014dcca0648f71],
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, , [0b4a3b4ae3b69c9a0bd7f6326c9718e8],
PUP.Optional.Sanbreel, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{16639074-5f95-4d8e-b6d1-74ba7cd0c9d9}Gw64, , [b4a1f68ff1a8eb4bdfe234e613f16a96],
PUP.Optional.Sanbreel, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{c9f54c4b-aee6-4718-be37-986ac8510887}Gw64, , [f1642a5b772249ed922ffe1c57adf907],
PUP.Optional.Sanbreel, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{f15bff6b-a869-4516-bf6b-589ff320de09}Gw64, , [1f36186d0e8b46f0e3ded545699b12ee],
PUP.Optional.SweetIM, HKU\S-1-5-18\SOFTWARE\SweetIM, , [56ff2c5915840432fa3f74af030143bd],
PUP.Optional.InstallBrain, HKU\S-1-5-18\SOFTWARE\WNLT, , [e86d058064351a1c846a63a4a460e917],
PUP.Optional.InstallCore, HKU\S-1-5-21-1511965271-861068654-1920961887-1000\SOFTWARE\InstallCore, , [d38288fdd4c5ef472fc5996e84800cf4],
PUP.Optional.SweetIM, HKU\S-1-5-21-1511965271-861068654-1920961887-1000\SOFTWARE\SweetIM, , [72e33154e6b311253900111263a1718f],
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-1511965271-861068654-1920961887-1000\SOFTWARE\SYSTWEAK\ssd, , [ba9b3253dbbe3204f2ef72b6c63dc43c],
PUP.Optional.InstallBrain, HKU\S-1-5-21-1511965271-861068654-1920961887-1000\SOFTWARE\WNLT, , [4d086a1b9702191d5c92e3244bb911ef],

Hodnoty registru: 16
PUP.Optional.InstallBrain, HKLM\SOFTWARE\WNLT|PDV, [BLACKLIST=1] [CAPTURECHEXT=1], , [470e01844a4f4de95c947295bf4545bb]
PUP.Optional.DNSUnlocker.EncJob, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7e9446ca}|1, 1457111131, , [d0858bfa6435cc6a20616a140004916f]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{5FE3063F-CDFC-4D7B-B14E-171518414BDC}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Windows\System32\dmwu.exe|Name=dmwu|, , [d87d24615247fa3cb819cfaa8b790ef2]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{889E9320-3412-4F15-8B54-2E5C28379B22}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Windows\System32\dmwu.exe|Name=dmwu|, , [0055fc89ecad1521834e4435a16360a0]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{F4E7BE4D-F86F-47A8-BC69-7EA2BB10CAFF}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Windows\SysWOW64\ARFC\wrtc.exe|Name=wrtc|, , [bd9862239dfc4beb16ba3f3a1fe5a060]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{49F3B141-8566-4F26-8BE7-A240A83F1156}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Windows\SysWOW64\ARFC\wrtc.exe|Name=wrtc|, , [b3a2c0c5f9a04cea08c886f3f311dd23]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{27221FAC-2348-4D5E-91BE-0F0234AF6D48}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Windows\System32\dmwu.exe|Name=dmwu|, , [fe57f88df3a6e35303ce116817ed27d9]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{3C70FE58-CD42-4793-BD57-452203AC04FB}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Windows\System32\dmwu.exe|Name=dmwu|, , [2b2a11745742280e3f9219604cb82fd1]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{7DAD2101-89EF-476D-83AF-C835CF94D54D}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Windows\SysWOW64\ARFC\wrtc.exe|Name=wrtc|, , [b2a3a4e18712d066b8189edbc83c49b7]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{80863D6A-1E13-44EA-8200-666F409E4BE6}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Windows\SysWOW64\ARFC\wrtc.exe|Name=wrtc|, , [91c45f264d4ca096d5fb621750b4966a]
PUP.Optional.RelevantKnowledge, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{9B75C9E9-72B3-4D92-A509-B3447C8F5236}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe|Name=rlvknlg.exe|, , [ef66b4d18e0b39fde9ee5f1ab4507789]
PUP.Optional.RelevantKnowledge, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E987570B-FABE-4C74-BBA3-A9EA0DAF4635}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe|Name=rlvknlg.exe|, , [eb6a90f5980173c318bfc7b22ed643bd]
Trojan.DNSChanger.DNSRst, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{958CC223-F319-4BCC-BF7C-371EC47EB03F}|NameServer, 82.163.143.171 82.163.142.173, , [2f26295cf2a743f35ff4e68c43c113ed]
Trojan.DNSChanger.DNSRst, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{CE2B193A-94C9-4B60-A4F5-B13D456330D4}|NameServer, 82.163.143.171 82.163.142.173, , [57fe5e272f6aac8a95be1959788ccf31]
PUP.Optional.InstallBrain, HKU\S-1-5-18\SOFTWARE\WNLT|URL, MYSTART, , [e86d058064351a1c846a63a4a460e917]
PUP.Optional.InstallBrain, HKU\S-1-5-21-1511965271-861068654-1920961887-1000\SOFTWARE\WNLT|URL, MYSEARCH_SWEETPACKS, , [4d086a1b9702191d5c92e3244bb911ef]

Data registru: 1
Trojan.DNSChanger.DNSRst, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, 82.163.143.171 82.163.142.173, Dobré: (8.8.8.8), Špatné: (82.163.143.171 82.163.142.173),,[dd78275e8c0d37ffdb8e7b92de27d729]

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 10
PUP.Optional.ColorMedia, C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe, , [fe572c5933661125bcf67f455aa88080],
PUP.Optional.OpenCandy, C:\Users\acer\Documents\KMPlayer_EN_3.2.0.0.exe, , [8acbfc89afea2a0c15f6e0418f76738d],
PUP.Optional.SofTonic, C:\Users\acer\Documents\SoftonicDownloader_for_kmplayer.exe, , [b5a09fe6aced1c1ae07c5fe44bb625db],
PUP.Optional.PastaLeads, C:\Users\acer\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_nps.pastaleads.com_0.localstorage, , [d18441446633fb3b3f8deb496e965aa6],
PUP.Optional.PastaLeads, C:\Users\acer\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_nps.pastaleads.com_0.localstorage-journal, , [ff562d58fb9e290d6b6187ad0103dd23],
PUP.Optional.eShopComp, C:\Users\acer\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_pstatic.eshopcomp.com_0.localstorage, , [5203bcc9cacf57df2a59de9409fb3dc3],
PUP.Optional.eShopComp, C:\Users\acer\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_pstatic.eshopcomp.com_0.localstorage-journal, , [f065c4c17f1a4cea03802e442ada2bd5],
PUP.Optional.CrossRider, C:\Users\acer\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage, , [d3821174fa9fad89825b21546f950cf4],
PUP.Optional.CrossRider, C:\Users\acer\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal, , [3b1ae79e5742bd79d607a0d508fc23dd],
PUM.Optional.FireFoxSearchOverride, C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\26vpf41l.default\user.js, , [d085c3c27e1b53e3dbbe46f1dc2904fc],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Rudy]

Všechny položky smažte.

[baraba1]

Smazano, bohuzel jsem v praci, nemohou odzkouset, co se zmenilo, nebot se nelze v praci pripojit na soukromy ntb.
Napisu zitra.
Zatim samozrejme dekuji

[Rudy]

OK. Zatím není zač!

[baraba1]

Zatím se zda,ze reklamy a nevyzdane stranky nevyskakuji.
Jen alwarebytes Anti-Malware hazi vpravo dole okenka, ze nevyzadane stranky byly blokovany

[Rudy]

V jakém se to děje prohlížeči?