prosím o kontrolu HJT,pc i mozzilla sekají a padají Vyřešeno

[KamilaS]

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by kamca on Łt 18.04.2017 at 14:25:20,07.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\kamca\Desktop\BACILATÝ PROGRAMY\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 14:25:56,52 =====

--- Create Environment Variables 14:25:57,30
--- Create System Restore Point 14:26:28,65
--- Checking Input 14:26:46,90
--- Reset Hosts File 14:26:55,36
--- AU AppData Check 14:26:55,66
--- Remove From Windows Installer 14:26:58,57
--- Empty Folders Check 14:27:19,26
--- Registry HKLM Software Check 14:27:19,26
--- Quick Launch Shortcut Check 14:27:56,37
--- IE Startpage Check 14:27:58,01
--- Program Files DB Check 14:28:05,73
--- C:\Users\Default\AppData\Roaming DB Check 14:28:45,32
--- C:\Users\Default User\AppData\Roaming DB Check 14:28:45,32
--- C:\Users\kamca\AppData\Roaming DB Check 14:28:45,32
--- C:\Windows\system32\config\systemprofile\AppData\Roaming DB Check 14:28:45,32
--- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 14:28:45,32
--- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 14:28:45,32
--- C:\Users\kamca DB Check 14:30:23,56
--- C:\PROGRA~2 DB Check 14:30:39,41
--- C:\Users\Default\AppData\Local DB Check 14:30:43,40
--- C:\Users\Default User\AppData\Local DB Check 14:30:43,40
--- C:\Users\kamca\AppData\Local DB Check 14:30:43,40
--- C:\Users\Public\AppData\Local DB Check 14:30:43,40
--- C:\Windows\system32\config\systemprofile\AppData\Local DB Check 14:30:43,40
--- C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 14:30:43,40
--- C:\Windows\serviceprofiles\Localservice\AppData\Local DB Check 14:30:43,40

[Reklama]

[KamilaS]

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by kamca on Łt 18.04.2017 at 14:25:20,07.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\kamca\Desktop\BACILATÝ PROGRAMY\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

18.4.2017 14:26:46 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\ALLPlayerRemote deleted successfully
C:\PROGRA~2\office6 deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\kamca\AppData\Roaming\Mozilla\Firefox\Profiles\5lry4bt3.default-1485946732013\prefs.js:
user_pref("browser.startup.homepage", "http://pc-help.cnews.cz/viewtopic.php?f=47&t=187662&p=1460265#p1460265");

Added to C:\Users\kamca\AppData\Roaming\Mozilla\Firefox\Profiles\5lry4bt3.default-1485946732013\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Users\kamca\AppData\Roaming\Aegisub deleted
C:\Users\kamca\.android deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\kamca\AppData\Roaming\Mozilla\Firefox\Profiles\5lry4bt3.default-1485946732013\extensions\firefox@mega.co.nz.xpi deleted
C:\Users\kamca\AppData\Roaming\Mozilla\Firefox\Profiles\5lry4bt3.default-1485946732013\Invalidprefs.js deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\kamca\AppData\Roaming\Mozilla\Firefox\Profiles\5lry4bt3.default-1485946732013
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

[KamilaS]

Zemana AntiMalware 2.72.2.388 (instalační verze)

-------------------------------------------------------
Scan Result : Dokončeno
Scan Date : 2017.4.18
Operating System : Windows 7 32-bit
Processor : 2X Intel(R) Pentium(R) CPU G620 @ 2.60GHz
BIOS Mode : Legacy
CUID : 12CC098A01801464A3E1B0
Scan Type : Skenování systému
Duration : 15m 18s
Scanned Objects : 80426
Detected Objects : 2
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Zapnuto
Detect All Extensions : Vypnuto
Scan Documents : Vypnuto
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

{968d3d21-169f-4d34-ad28-068cbe555020}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{968d3d21-169f-4d34-ad28-068cbe555020}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/FF.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)

FFSetup3.7.0.0.exe
Status : Skenováno
Object : %userprofile%\downloads\ffsetup3.7.0.0.exe
MD5 : 4816ADD3F3F2A3DF69CF4151A91BBAEC
Publisher : chen jun hao
Size : 148992
Version : 3.7.0.0
Detection : PUA:Win32/FormatFactory!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\downloads\ffsetup3.7.0.0.exe

[KamilaS]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:09:11, on 18.4.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18500)

FIREFOX: 52.0.2 (x86 cs)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\kamca\AppData\Local\Facebook\Games\FacebookGameroom.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Avira\Launcher\Avira.Systray.exe
C:\Users\kamca\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
C:\Users\kamca\Desktop\BACILATÝ PROGRAMY\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
O1 - Hosts: ::1 localhost
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [ZAM] "C:\Program Files\Zemana AntiMalware\ZAM.exe" /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Startup: Facebook Gameroom.lnk = kamca\AppData\Local\Facebook\Games\FacebookGameroom.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files\Zemana AntiMalware\ZAM.exe

--
End of file - 5338 bytes

[KamilaS]

tak to vypadá dobře, ještě počkám a když do zítra bude vše ok, odfajfkuju. příští měsíc vám zase něco za tuhle službu pošlu, díky moc!

[jaro3]

Nemáš zač!

pokud bude vše OK:
Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

[KamilaS]

# DelFix v1.013 - Logfile created 20/04/2017 at 08:04:25
# Updated 17/04/2016 by Xplode
# Username : kamca - PKSZABOVI
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : HKLM\SOFTWARE\OldTimer Tools

########## - EOF - ##########

[jaro3]

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

[KamilaS]

zase se nějaké objevily, zkusím ještě něco ale mám dát asi znovu hjt, že jo?

[jaro3]

j , znovu ten začátek.