Please check my log, EVERYTHING is very slow

Posted: 22 Sep 2016 22:00
by marek999
Hello, I know it's an old piece of junk, it's a work machine... but it has never been this slow. Please help... thank you.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Zuzka at 2016-09-22 22:59:28
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 58 GB (57%) free of 102 GB
Total RAM: 1014 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:59:40, on 22.9.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16545)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\ExpressGateUtil\VAWinAgent.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\igfxsrvc.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Common Files\InstantOn\InsOnWMI.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Zuzka\Downloads\RSIT.exe
C:\Program Files\trend micro\Zuzka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\ASUS\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [LiveUpdate] AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
O4 - HKLM\..\Run: [CapsHook] AsusSender.exe C:\Program Files\ASUS\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe
O4 - HKLM\..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files\Asus\AsusVibe\AsusVibeLauncher.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\windows\system32\AsusService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe

--
End of file - 5296 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotkeyMon"=AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe []
"HotkeyService"=AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotkeyService.exe []
"SuperHybridEngine"=AsusSender.exe C:\Program Files\ASUS\SHE\SuperHybridEngine.exe []
"LiveUpdate"=AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto []
"CapsHook"=AsusSender.exe C:\Program Files\ASUS\CapsHook\CapsHook.exe []
"VAWinAgent"=C:\ExpressGateUtil\VAWinAgent.exe [2011-03-24 45448]
"ASUSPRP"=C:\Program Files\ASUS\APRP\APRP.EXE [2011-04-30 2018032]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-04-19 142104]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-04-19 174360]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-04-19 150808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner.exe [2016-08-26 6868696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eee Docking]
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2011-01-07 414384]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files\Asus\AsusVibe\AsusVibeLauncher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-04-11 218112]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2016-09-22 22:59:30 ----D---- C:\Program Files\trend micro
2016-09-22 22:59:28 ----D---- C:\rsit
2016-09-21 21:29:43 ----A---- C:\windows\system32\FNTCACHE.DAT
2016-09-21 21:28:16 ----A---- C:\ComboFix.txt
2016-09-21 21:26:08 ----SHD---- C:\$RECYCLE.BIN
2016-09-21 21:04:05 ----A---- C:\windows\MBR.exe
2016-09-21 21:04:04 ----A---- C:\windows\zip.exe
2016-09-21 21:04:04 ----A---- C:\windows\SWREG.exe
2016-09-21 21:04:04 ----A---- C:\windows\PEV.exe
2016-09-21 21:04:04 ----A---- C:\windows\NIRCMD.exe
2016-09-21 21:04:03 ----A---- C:\windows\SWSC.exe
2016-09-21 21:04:03 ----A---- C:\windows\sed.exe
2016-09-21 21:04:03 ----A---- C:\windows\grep.exe
2016-09-21 20:56:38 ----D---- C:\Qoobox
2016-09-21 20:53:11 ----D---- C:\windows\erdnt
2016-09-21 19:07:54 ----D---- C:\found.000

======List of files/folders modified in the last 1 month======

2016-09-22 22:59:31 ----D---- C:\windows\Temp
2016-09-22 22:59:30 ----RD---- C:\Program Files
2016-09-22 17:18:28 ----D---- C:\windows\system32\config
2016-09-22 06:44:23 ----D---- C:\windows\system32\LogFiles
2016-09-21 22:31:30 ----D---- C:\windows\Prefetch
2016-09-21 21:30:42 ----D---- C:\windows\inf
2016-09-21 21:30:07 ----D---- C:\Windows
2016-09-21 21:29:43 ----D---- C:\windows\System32
2016-09-21 21:23:09 ----A---- C:\windows\system.ini
2016-09-21 21:17:24 ----D---- C:\windows\AppPatch
2016-09-21 21:17:24 ----AD---- C:\windows\system32\drivers
2016-09-21 21:17:20 ----D---- C:\Program Files\Common Files
2016-09-21 20:31:41 ----D---- C:\windows\SoftwareDistribution
2016-09-21 20:24:18 ----D---- C:\ProgramData\AVAST Software
2016-09-21 20:04:45 ----SHD---- C:\System Volume Information
2016-09-21 19:45:04 ----D---- C:\windows\Logs
2016-09-21 19:33:17 ----D---- C:\windows\system32\Tasks
2016-09-21 19:33:11 ----D---- C:\Program Files\CCleaner

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\drivers\iaStor.sys [2010-06-08 435736]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 AsIO;AsIO; C:\windows\system32\drivers\AsIO.sys [2010-06-28 11456]
R1 AsUpIO;AsUpIO; C:\windows\system32\drivers\AsUpIO.sys [2010-08-03 11832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2010-04-13 109960]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2011-04-11 4815872]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x86.sys [2010-09-27 68208]
R3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S2 Parvdm;Parvdm; C:\windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2010-11-20 393216]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2010-11-20 60416]
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys []
S3 btwrchid;btwrchid; C:\windows\system32\drivers\btwrchid.sys []
S3 catchme;catchme; \??\C:\Users\Zuzka\AppData\Local\Temp\catchme.sys []
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-22 81704]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AsusService;Asus Launcher Service; C:\windows\system32\AsusService.exe [2011-03-04 224680]
R2 VideAceWindowsService;VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [2011-01-13 91464]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-29 144200]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-29 144200]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]

-----------------EOF-----------------

Re: Please check my log, EVERYTHING is very slow

Posted: 23 Sep 2016 15:19
by Márty84
Hello :)

Work, as in company-owned?

Who was playing around with ComboFix on it? :boxed:

Re: Please check my log, EVERYTHING is very slow

Posted: 25 Sep 2016 20:44
by marek999
Márty84 wrote: Hello :)

Work, as in company-owned?

Who was playing around with ComboFix on it? :boxed:

A work machine, but my own. I can't take how slow it is any more... It was me, I apologize, but I needed to sort it out quickly myself because it wouldn't even budge... but it didn't help.

Re: Please check my log, EVERYTHING is very slow

Posted: 26 Sep 2016 01:44
by Márty84
After CF has been used, the RSIT log is of no use to me, because CF deleted all traces of any possible infection and now I have nothing to go on. So this may take a while :-/


:arrow: Post the CF log here; it is at C:\ComboFix.txt


:arrow: Download CrystalDiskInfo http://www.slunecnice.cz/sw/crystaldiskinfo/
Install it (watch out for any bundled add-ons; decline them by unticking the checkbox) and run it as administrator. The result will appear after a moment.
At the top, click Edit (Úpravy) and then Copy (Kopírovat). Paste what gets copied (it is stored in memory) here (Ctrl + V).


:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait until the scan finishes.
Then click Cleaning.
The program will start working (the PC may restart) and will produce a log (it can also be found at C:\AdwCleaner\AdwCleaner[C?].txt). Copy it here for me.

Re: Please check my log, EVERYTHING is very slow

Posted: 26 Sep 2016 06:32
by marek999
Márty84 wrote: After CF has been used, the RSIT log is of no use to me, because CF deleted all traces of any possible infection and now I have nothing to go on. So this may take a while :-/


:arrow: Post the CF log here; it is at C:\ComboFix.txt


:arrow: Download CrystalDiskInfo http://www.slunecnice.cz/sw/crystaldiskinfo/
Install it (watch out for any bundled add-ons; decline them by unticking the checkbox) and run it as administrator. The result will appear after a moment.
At the top, click Edit (Úpravy) and then Copy (Kopírovat). Paste what gets copied (it is stored in memory) here (Ctrl + V).


:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait until the scan finishes.
Then click Cleaning.
The program will start working (the PC may restart) and will produce a log (it can also be found at C:\AdwCleaner\AdwCleaner[C?].txt). Copy it here for me.

Then I apologize... for now I'm posting the ComboFix log here. I'll send the other two in a moment.

Re: Please check my log, EVERYTHING is very slow

Posted: 26 Sep 2016 06:34
by marek999
ComboFix 16-09-14.01 - Zuzka 21.09.2016 21:11:32.1.4 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1250.420.1029.18.1014.282 [GMT 2:00]
Spuštěný z: c:\users\Zuzka\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-08-21 do 2016-09-21 )))))))))))))))))))))))))))))))
.
.
2016-09-21 19:22 . 2016-09-21 19:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-09-21 17:07 . 2016-09-21 17:07 -------- d-----w- C:\found.000
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-09-21 16:56 . 2010-06-24 18:33 24800 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}"
[HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{618A47A2-528B-4D9A-AFC8-97D3233511E2}"
[HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"HotkeyMon"="AsusSender.exe" [2011-03-11 34728]
"HotkeyService"="AsusSender.exe" [2011-03-11 34728]
"SuperHybridEngine"="AsusSender.exe" [2011-03-11 34728]
"LiveUpdate"="AsusSender.exe" [2011-03-11 34728]
"CapsHook"="AsusSender.exe" [2011-03-11 34728]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2011-01-06 414384]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2011-03-24 45448]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2011-04-30 2018032]
"ASUSWebStorage"="c:\program files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe" [2011-07-29 737104]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-19 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-19 174360]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-19 150808]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files\Asus\AsusVibe\AsusVibeLauncher.exe /start [2014-5-18 549040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-22 81704]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-08-03 11832]
S2 AsusService;Asus Launcher Service;c:\windows\system32\AsusService.exe [2011-03-03 224680]
S2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2011-01-12 91464]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-04-13 109960]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-09-27 68208]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-12-29 22:25 1000264 ----a-w- c:\program files\Google\Chrome\Application\47.0.2526.106\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-09-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-07-20 20:09]
.
2016-09-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-07-20 20:09]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://asus.msn.com
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(1012)
c:\progra~1\ASUS\ASUSWE~1\30108~1.222\ASUSWS~1.DLL
.
Celkový čas: 2016-09-21 21:28:15
ComboFix-quarantined-files.txt 2016-09-21 19:28
.
Před spuštěním: Volných bajtů: 61 789 671 424
Po spuštění: Volných bajtů: 61 702 873 088
.
- - End Of File - - B6763D77AE0742EF41BB6929EDA89525
A36C5E4F47E84449FF07ED3517B43A31

Re: Please check my log, EVERYTHING is very slow

Posted: 26 Sep 2016 15:29
by marek999
----------------------------------------------------------------------------
CrystalDiskInfo 7.0.3 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Starter SP1 [6.1 Build 7601] (x86)
Date : 2016/09/26 16:27:47

-- Controller Map ----------------------------------------------------------
+ Intel(R) NM10 Express Chipset [ATA]
- WDC WD3200BPVT-80JJ5T0

-- Disk List ---------------------------------------------------------------
(1) WDC WD3200BPVT-80JJ5T0 : 320,0 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD3200BPVT-80JJ5T0
----------------------------------------------------------------------------
Model : WDC WD3200BPVT-80JJ5T0
Firmware : 01.01A01
Serial Number : WD-WXQ1A81X1268
Disk Size : 320,0 GB (8,4/137,4/320,0/320,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 5506 hod.
Power On Count : 2159 krát
Temperature : 31 C (87 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : ----
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 143 139 _21 00000000073A Čas na roztočení ploten
04 _88 _88 __0 00000000303F Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _93 _93 __0 000000001582 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 00000000086F Počet cyklů zapnutí zařízení
BF __1 __1 __0 00000000095D Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 0000000000CB Počet vypnutí disku
C1 _11 _11 __0 00000008A93D Počet cyklů načítání/vymazání
C2 112 _95 __0 00000000001F Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů


Re: Please check my log, EVERYTHING is very slow

Posted: 26 Sep 2016 15:48
by marek999
And here is the last log. No change so far, unfortunately. I don't know what to do with it any more.

# AdwCleaner v6.020 - Log soubor vytvořen 26/09/2016 na 16:35:31
# Aktualizováno dne 14/09/2016 z ToolsLib
# Databáze : 2016-09-26.1 [Server]
# Operační systém : Windows 7 Starter Service Pack 1 (X86)
# Uživatelské jméno : Zuzka - ZUZKA-PC
# Beží od : C:\Users\Zuzka\Downloads\adwcleaner_6.020.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum



***** [ Služby ] *****



***** [ Adresáře ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****



***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [798 Bajtů] - [26/09/2016 16:35:31]
C:\AdwCleaner\AdwCleaner[S0].txt - [1394 Bajtů] - [26/09/2016 16:34:32]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [945 Bajtů] ##########

Re: Please check my log, EVERYTHING is very slow

Posted: 26 Sep 2016 20:24
by Márty84
:???: Why is there no antivirus on it?

:arrow: Run a scan with MBAM. Set up the test according to this guide (i.e. a Custom Scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it sometimes produces false detections.

Re: Please check my log, EVERYTHING is very slow

Posted: 27 Sep 2016 07:05
by marek999
Márty84 wrote: :???: Why is there no antivirus on it?

:arrow: Run a scan with MBAM. Set up the test according to this guide (i.e. a Custom Scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it sometimes produces false detections.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 26.9.2016
Čas skenování: 21:46
Protokol: vysledky.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.09.26.10
Databáze rootkitů: v2016.09.26.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Zuzka

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 386999
Uplynulý čas: 10 hod, 16 min, 42 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.MindSpark, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\VideoDownloadConverter_4z, , [a61c3f374852a591955f9217f90ab64a],

Soubory: 28
PUP.Optional.MindSpark, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\VideoDownloadConverter_4z\696DFD18-9311-472D-9B8C-1BCB45B8DEA0.sqlite, , [a61c3f374852a591955f9217f90ab64a],
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (user_pref("extensions.toolbar.mindspark._4zMembers_.BUTTON_STRUCTURE", "[{\"b\":221584481,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221584482,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0\"},{\"b\":221584487,\"c\":\"mindspark.full\",\"p\":\"L.0.1\"},{\"b\":221584491,\"c\":\"mindspark.image\",\"p\":\"L.0.2\"},{\"b\":221584496,\"c\":\"mindspark.advanced\",\"p\":\"L.0.3\"},{\"b\":221584500,\"c\":\"mindspark.directorysearch\",\"p\":\"L.0.4\"},{\"b\":221584433,\"c\":\"mindspark.search\",\"p\":\"L.1\"},{\"b\":221584436,\"c\":\"mindspark.vdclogo\",\"p\":\"L.2\"},{\"b\":221584437,\"c\":\"mindspark.notspyware\",\"p\":\"L.2.0\"},{\"b\":221584444,\"c\":\"mindspark.faqs\",\"p\":\"L.2.1\"},{\"b\":221584445,\"c\":\"mindspark.help\",\"p\":\"L.2.2\"},{\"b\":221584451,\"c\":\"mindspark.version\",\"p\":\"L.2.3\"},{\"b\":222774183,\"c\":\"mindspark.download\",\"v\":\"2.0.0\",\"p\":\"L.3\"},{\"b\":221584460,\"c\":\"mindspark.convertfiles\",\"v\":\"1.0.2\",\"p\":\"L.4\"},{\"b\":221584461,\"c\":\"mindspark.popularwebsites\",\"p\":\"L.5\"},{\"b\":221584462,\"c\":\"mindspark.facebook\",\"p\":\"L.5.0\"},{\"b\":221584463,\"c\":\"mindspark.dailymotion\",\"p\":\"L.5.1\"},{\"b\":221584464,\"c\":\"mindspark.vimeo\",\"p\":\"L.5.2\"},{\"b\":221584465,\"c\":\"mindspark.entertainment\",\"p\":\"L.6\"},{\"b\":221584467,\"c\":\"mindspark.radio\",\"v\":\"1.0.3\",\"p\":\"L.7\"},{\"b\":221584435,\"c\":\"mindspark.ask\",\"p\":\"R.0\"},{\"b\":221584506,\"c\":\"mindspark.wrench\",\"p\":\"R.1\"},{\"b\":221584511,\"c\":\"mindspark.tboptions\",\"p\":\"R.1.0\"},{\"b\":221584512,\"c\":\"mindspark.enabledisable\",\"p\":\"R.1.0.0\"},{\"b\":221584530,\"c\":\"mindspark.uninstall\",\"p\":\"R.1.0.1\"}]");), ,[17ab72048713290d6427d70219eb9769]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (_version", 3);
user_pref("browser.places.smartBookmarksVersion", 7);
user_pref("b), ,[90325c1af2a84de977146a6fb0548c74]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (this file.
*
* If you make changes to this file while the application is running,
), ,[bf034531fc9e31052b608059c83c738d]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual chan), ,[388a1e585a4046f06d1e8a4ff11346ba]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (he changes will be overwritten when the application exits.
*
* To ma), ,[bb07fa7c7e1cba7c79128f4aed1711ef]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (o not edit this file.
*
* If you make changes to this file while the applicatio), ,[fcc66b0b0595c472d8b3edecd72dc53b]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (this file.
*
* If you make changes to this file while the application), ,[71512551ddbd3105a3e898413aca2ed2]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: ( not edit this file.
*
* If you make changes to this file while the applicatio), ,[b30f6d097b1fb87ee6a57e5b788cbe42]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: ( this file.
*
* If you make changes to this file while the application is running,
* th), ,[20a24630dfbb95a1bad1c316af55e21e]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (
*
* If you make changes to this file while the application is running,
* the changes will b), ,[e2e0b0c67921f640692281580afa40c0]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (
* If you make changes to this file while the application is running,
* the chang), ,[fcc6601667336ec88cfff9e0ab594bb5]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (his file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/

user_pr), ,[6d554135f1a9290df4979346ec18bf41]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (e a manual change to preferences, you can visit the URL about:config
*/

user), ,[5171caacf0aada5c543702d7a064629e]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (t this file.
*
* If you make changes to this file while the application is running,
* the changes will be overw), ,[ecd64531acee15219fece2f7709456aa]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (nges to this file while the application is running,
* the changes will be overwritten when th), ,[0eb4f08612884aeca5e69544947019e7]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: ( *
* If you make changes to this file while the application is running,
* the chan), ,[7f431d59debcd95d96f55d7c16eecb35]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (s file.
*
* If you make changes to this file while the application is running,
* ), ,[cff3ea8c445662d45a316673689cb050]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: ( file.
*
* If you make changes to this file while the application is running,
), ,[5e6456200892c37391faddfcf311d030]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (this file.
*
* If you make changes to this file while the application is running,), ,[5072e5916436c76f7417fadf12f246ba]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (is file.
*
* If you make changes to this file while the application is running,
), ,[edd5b3c34f4b8fa7a7e4c415a460cc34]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (his file.
*
* If you make changes to this file while the application is runn), ,[09b9dc9a1387e155563519c09a6a7987]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (it this file.
*
* If you make changes to this file while the application i), ,[0fb35b1b1a80aa8c6526cd0cd0349f61]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten wh), ,[487a8fe70c8e74c22764d009c93b1ae6]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: ( file while the application is running,
* the changes will be overwritten when the), ,[249e9adc19815ed88cff3c9da262e31d]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (his file.
*
* If you make changes to this file while the application is r), ,[22a0e393f9a18ea8bad137a2976d8977]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: ( edit this file.
*
* If you make changes to this file while the application ), ,[ae1455216832e3534f3c05d429db5ca4]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (it this file.
*
* If you make changes to this file while the application is running,
* the), ,[952dcaac3565c96d7a11fddc9c68c040]

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

Here is the log; I haven't deleted anything so far. There was an antivirus, Avast, but I removed it when the PC started acting up. I'll install it again.

Re: Please check my log, EVERYTHING is very slow

Posted: 27 Sep 2016 07:37
by Márty84
Have all the findings removed. After the removal and a restart of the PC, repeat the MBAM test (a Threat Scan is enough now, it will be faster) so that we know whether it comes back. Post the result of the test and I will choose the next steps based on it.

Re: Please check my log, EVERYTHING is very slow

Posted: 27 Sep 2016 08:53
by marek999
Márty84 wrote: Have all the findings removed. After the removal and a restart of the PC, repeat the MBAM test (a Threat Scan is enough now, it will be faster) so that we know whether it comes back. Post the result of the test and I will choose the next steps based on it.

The second scan is done; this time it found 26 errors. I'm sending the log again. Should I delete them again? Although I assume it won't help and they will show up again.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 27.9.2016
Čas skenování: 9:25
Protokol: Vysledky2.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.09.27.04
Databáze rootkitů: v2016.09.26.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Zuzka

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 269847
Uplynulý čas: 25 min, 53 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 26
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (user_pref("extensions.toolbar.mindspark._4zMembers_.browser.version.last", "38.0");), ,[7ca42f489bffba7c6c1b7465e91b9c64]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (* tk_pref("app.update.lastUpdateTime.addon-background-update-timer", 1466251463);
user_), ,[a977aacddfbb56e0ceb97b5e61a3d32d]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (pref("app.update.lastUpdateTime.addon-background-update-timer", 1466251463);
user_pref("app.update.lastUpdateTime.background-update-timer", 1466251245);
user_pref("app.upda), ,[58c83b3cc9d1a69007809940e123e31d]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (f("app.update.lastUpdateTime.background-update-timer", 1466251245);
use), ,[ba66b8bf2d6dca6c4047d70205ffd12f]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (o not edit * tk_pref("app.update.lastUpdateTime.addon-background-update-timer", 146), ,[9b859adda8f264d2c0c7d00947bd4fb1]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (* tk_pref("app.update.lastUpdateTime.addon-background-update-timer", 1466), ,[b96731467723ce6803845386ac582ad6]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: ( not edit * tk_pref("app.update.lastUpdateTime.addon-background-update-timer", 146), ,[42de89ee0496f1453c4b855438cc54ac]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: ( * tk_pref("app.update.lastUpdateTime.addon-background-update-timer", 1466251463);
user_pref), ,[38e8b7c0732758dea0e75a7f42c215eb]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: ("app.update.lastUpdateTime.addon-background-update-timer", 1466251463);
user_pref("app.update.las), ,[69b7d0a719813cfa4a3d8c4d976d8779]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (update.lastUpdateTime.addon-background-update-timer", 1466251463);
user_pref("app.u), ,[6db34235ddbd0b2b7f086574669ee719]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: ( tk_pref("app.update.lastUpdateTime.addon-background-update-timer", 1466251463);
user_pref("app.update.lastUpdateTime.background-update-timer", 1466251245);
user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1474478566);
u), ,[110fdc9bd7c3e84ebec93f9a996b7987]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1474478566);), ,[958b1a5d6b2f4de945429b3e897b30d0]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (t * tk_pref("app.update.lastUpdateTime.addon-background-update-timer", 1466251463);
user_pref("app.update.lastUpdate), ,[d8484631dfbb59ddb1d6d2075ea6e61a]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (me.addon-background-update-timer", 1466251463);
user_pref("app.update.lastUpdateTime.backgroun), ,[f42cd89f009af442048371684fb5ca36]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (pp.update.lastUpdateTime.addon-background-update-timer", 1466251463);
user_pref("app.), ,[41df2255bfdb79bdc6c183565ca86c94]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (k_pref("app.update.lastUpdateTime.addon-background-update-timer", 1466251463);
user_pr), ,[c65aa4d3d4c61323b2d5697053b1946c]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (_pref("app.update.lastUpdateTime.addon-background-update-timer", 1466251463);
user), ,[52cede99f7a35dd9483fd306d3319e62]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (* tk_pref("app.update.lastUpdateTime.addon-background-update-timer", 1466251463);
us), ,[f12f5522702a3bfb5037d70232d29c64]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (tk_pref("app.update.lastUpdateTime.addon-background-update-timer", 1466251463);
use), ,[c85833448a103afc790e6f6a5ba93fc1]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: ( tk_pref("app.update.lastUpdateTime.addon-background-update-timer", 1466251463);), ,[40e0b3c4089264d2a0e7b1289d67d828]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (it * tk_pref("app.update.lastUpdateTime.addon-background-update-timer", 146625), ,[2af6b7c0eab085b11e69f3e6b351649c]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (edit * tk_pref("app.update.lastUpdateTime.addon-background-update-timer", 1466251463);
user_pref("app.update.lastUpdateTime.back), ,[4cd44e29f1a9171f3057bd1c24e01de3]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (kground-update-timer", 1466251463);
user_pref("app.update.lastUpdateTime.background), ,[869a31467a200b2bddaae6f37d8726da]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: ( tk_pref("app.update.lastUpdateTime.addon-background-update-timer", 146625146), ,[e23e9fd8fe9cb185f1965d7c3ec6857b]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: ( edit * tk_pref("app.update.lastUpdateTime.addon-background-update-timer", 14662), ,[1c04a8cf2377b87eeb9c716814f052ae]
PUP.Optional.MindSpark.Generic, C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js, Dobré: (), Špatné: (it * tk_pref("app.update.lastUpdateTime.addon-background-update-timer", 1466251463);
user_pref(), ,[ff21512641593600aadd7a5fba4ad22e]

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Please check my log, EVERYTHING is very slow

Posted: 27 Sep 2016 09:52
by Márty84
:arrow: Have the findings removed again.


:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch the licence terms are displayed; press any key
  • A backup is created and then the search starts
  • The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here

:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator or Spustit jako spravce
  • Paste the script below into the window
  • Code:

    autoclean;
    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
  • Then click Run Script
  • The PC will perform the repair, restart and give you a log; paste its contents here


:arrow: Then run another Threat Scan with MBAM and post the results again.

Re: Please check my log, EVERYTHING is very slow

Posted: 27 Sep 2016 10:05
by marek999
First log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.8 (09.20.2016)
Operating System: Windows 7 Starter x86
Ran by Zuzka (Administrator) on út 27.09.2016 at 10:59:30,09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 15

Successfully deleted: C:\Users\Zuzka\AppData\Local\{08A0D821-FD5E-46EA-97B8-7ED76065CA94} (Empty Folder)
Successfully deleted: C:\Users\Zuzka\AppData\Local\{57F8CA3F-0426-4C07-87D8-FB51B6B59002} (Empty Folder)
Successfully deleted: C:\Users\Zuzka\AppData\Local\{D49690CE-4AC5-4393-93B6-505AC935B548} (Empty Folder)
Successfully deleted: C:\Users\Zuzka\AppData\Local\{D90D7E08-9BBB-4925-AEF4-C98880EE6246} (Empty Folder)
Successfully deleted: C:\Users\Zuzka\AppData\Local\{DD5B0676-EBCC-4A93-9B51-F5F84F09E964} (Empty Folder)
Successfully deleted: C:\Users\Zuzka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BF56JCIX (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Zuzka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J3JVOWAW (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Zuzka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OPYYYA0P (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Zuzka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XDF4KDOC (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Zuzka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XN8HA3HG (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BF56JCIX (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J3JVOWAW (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OPYYYA0P (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XDF4KDOC (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XN8HA3HG (Temporary Internet Files Folder)

Deleted the following from C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js
user_pref(extensions.toolbar.mindspark._4zMembers_.firstKnownVersion, 6.85.5.65044);
user_pref(extensions.toolbar.mindspark._4zMembers_.homepage, hxxp://home.tb.ask.com/index.jhtml?ptb=696DFD18-9311-472D-9B8C-1BCB45B8DEA0&n=781af06f&p2=^HJ^xdm007^YYA^cz);
user_pref(extensions.toolbar.mindspark._4zMembers_.initialized, true);
user_pref(extensions.toolbar.mindspark._4zMembers_.installKeysSource, Cookies);
user_pref(extensions.toolbar.mindspark._4zMembers_.installType, XPI);
user_pref(extensions.toolbar.mindspark._4zMembers_.installation.contextKey, );
user_pref(extensions.toolbar.mindspark._4zMembers_.installation.installDate, 2015031407);
user_pref(extensions.toolbar.mindspark._4zMembers_.installation.partnerId, ^HJ^xdm007^YYA^cz);
user_pref(extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId, );
user_pref(extensions.toolbar.mindspark._4zMembers_.installation.pixelUrl, hxxp://free.videodownloadconverter.com/install_pixels.jhtml?partner=^HJ^xdm007^YYA^cz&coId=8c4004b
user_pref(extensions.toolbar.mindspark._4zMembers_.installation.success, true);
user_pref(extensions.toolbar.mindspark._4zMembers_.installation.toolbarId, 696DFD18-9311-472D-9B8C-1BCB45B8DEA0);
user_pref(extensions.toolbar.mindspark._4zMembers_.isCompliantUninstallImplementation, true);
user_pref(extensions.toolbar.mindspark._4zMembers_.lastActivePing, 1435087977067);
user_pref(extensions.toolbar.mindspark._4zMembers_.lastKnownVersion, 6.85.5.65044);
user_pref(extensions.toolbar.mindspark._4zMembers_.options.defaultSearch, false);
user_pref(extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled, false);
user_pref(extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled, false);
user_pref(extensions.toolbar.mindspark._4zMembers_.options.tabEnabled, false);
user_pref(extensions.toolbar.mindspark._4zMembers_.partnerPixelFired, true);
user_pref(extensions.toolbar.mindspark._4zMembers_.successUrl, hxxp://free.videodownloadconverter.com/installComplete.jhtml);
user_pref(extensions.toolbar.mindspark._4zMembers_.toolbar.versionChanged, false);
user_pref(extensions.toolbar.mindspark._4zMembers_.toolbarCollapsed, true);
user_pref(extensions.toolbar.mindspark._4zMembers_.weather.location, 10001);
user_pref(extensions.toolbar.mindspark.lastInstalled, videodownloadconverter@mindspark.com);



Registry: 1

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on út 27.09.2016 at 11:03:54,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Please check my log, EVERYTHING is very slow

Posted: 27 Sep 2016 10:52
by marek999
Here is the second log. Now I'm moving on to MBAM.



Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Zuzka on út 27.09.2016 at 11:05:56,98.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Zuzka\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

27.9.2016 11:07:23 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Users\Zuzka\AppData\Roaming\Windows Live Writer deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz/");

Added to C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Zuzka\AppData\Roaming\Netscape\Navigator\Profiles\zg5emn6h.default\prefs.js:

Added to C:\Users\Zuzka\AppData\Roaming\Netscape\Navigator\Profiles\zg5emn6h.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default

user.js not found
---- Lines ffxtbr removed from prefs.js ----
user_pref("extensions.4zffxtbr@VideoDownloadConverter_4z.com.install-event-fired", true);
---- FireFox user.js and prefs.js backups ----

prefs_27.09.2016_1139_.backup

ProfilePath: C:\Users\Zuzka\AppData\Roaming\Netscape\Navigator\Profiles\zg5emn6h.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_27.09.2016_1139_.backup

==== Deleting Files \ Folders ======================

C:\Program Files\syncables deleted

==== Orphaned Tasks deleted from Registry ======================

avast Emergency Update deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Zuzka\AppData\Roaming\Netscape\Navigator\Profiles\zg5emn6h.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default
- Undetermined - C:\Program Files\AVAST Software\Avast\WebRep\FF

ProfilePath: C:\Users\Zuzka\AppData\Roaming\Netscape\Navigator\Profiles\zg5emn6h.default
- Undetermined - D:\Program Files 2\extensions\netscape9migrator@flock.com
- Undetermined - D:\Program Files 2\extensions\netstripe@netscape.com

==== Firefox Plugins ======================

Profilepath: C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\a74kucnk.default
28D2C5CE5944E1B027CF5C8004CF89A1 - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
AC421A44DE902F2627F1E63793ED89CD - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
8006FC6A9A7C3168EF15DBA842C3AFC5 - c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll - Silverlight Plug-In
C04B0BCA15F30CF7D68E7733997EA90B - c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrlui.dll - Microsoft (R) Silverlight


==== Chromium Look ======================

Google Chrome Version: 43.0.2357.134


Chrome Media Router - Zuzka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://asus.msn.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://asus.msn.com"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... -SearchBox
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... -SearchBox

==== Reset Google Chrome ======================

C:\Users\Zuzka\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Zuzka\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\Zuzka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Zuzka\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Zuzka\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Zuzka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Zuzka\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=805 folders=88 169317690 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\Zuzka\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Zuzka\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Zuzka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on út 27.09.2016 at 11:51:19,15 ======================