prosím o kontrolu logu Vyřešeno

[KamilaS]

----------------------------------------------------------------------------
CrystalDiskInfo 7.0.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x86)
Date : 2017/05/04 17:57:11

-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- WDC WD10EALX-009BA0 ATA Device
+ ATA Channel 1 (1) [ATA]
- TSSTcorp CDDVDW SH-222AB ATA Device
+ Intel(R) 6 Series/C200 Series Chipset Family 6 Port SATA AHCI Controller - 1C02 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- ATA Channel 4 (4)
- ATA Channel 5 (5)

-- Disk List ---------------------------------------------------------------
(1) WDC WD10EALX-009BA0 : 1000,2 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD10EALX-009BA0
----------------------------------------------------------------------------
Model : WDC WD10EALX-009BA0
Firmware : 15.01H15
Serial Number : WD-WCATR9361274
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 15567 hod.
Power On Count : 5015 krát
Temperature : 39 C (102 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 178 176 _21 000000000FF3 Čas na roztočení ploten
04 _95 _95 __0 00000000139A Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _79 _79 __0 000000003CCF Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _95 _95 __0 000000001397 Počet cyklů zapnutí zařízení
C0 200 200 __0 00000000004F Počet vypnutí disku
C1 199 199 __0 00000000134A Počet cyklů načítání/vymazání
C2 108 100 __0 000000000027 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4154 5239 3336 3132 3734
020: 0000 FFFF 0032 3135 2E30 3148 3135 5744 4320 5744
030: 3130 4541 4C58 2D30 3039 4241 3020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0407 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 170E 0004 0044 0040
080: 01FE 0000 746B 7D61 4123 7469 BC41 4123 007F 0056
090: 0056 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 0000 0000 5001 4EE2
110: 5BBD D88C 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16E2 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3037 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 29A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 B2 B0 F3 0F 00 00 00 00 00 04 32 00 5F 5F 9A
020: 13 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 64 FD 00 00 00 00 00 00 00 09 32
040: 00 4F 4F CF 3C 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 5F 5F 97 13 00 00 00 00 00 C0 32
070: 00 C8 C8 4F 00 00 00 00 00 00 C1 32 00 C7 C7 4A
080: 13 00 00 00 00 00 C2 22 00 6C 64 27 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 DC 41 01 7B
170: 03 00 01 00 02 C3 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1C

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 64 64 64 64 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ED

[Reklama]

[jaro3]

000000000FF3 Čas na roztočení ploten
zítra znovu CDI.


Ten Combofix udělej , nebo zkus předtím ještě adwcleaner , JRT.

[KamilaS]

tak teď jsem ukončila ten memtest, kterej byl jen na 1035 paměti a šel od 22. hodiny až do teĎ 14:00

nedá se to fakt, takhle dlouho:(

tady dávám obrázek

[KamilaS]

jdu na jrt, adw a pak ten combo

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 7 Home Premium x86
Ran by kamca (Administrator) on p  05.05.2017 at 14:16:26,34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 9

Successfully deleted: C:\Users\kamca\AppData\Roaming\Mozilla\Firefox\Profiles\5lry4bt3.default-1485946732013\Invalidprefs.js (File)
Successfully deleted: C:\Users\kamca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4ICMHW3Z (Temporary Internet Files Folder)
Successfully deleted: C:\Users\kamca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\66CFLQ53 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\kamca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J99WDLC5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\kamca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U4AZA5EA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4ICMHW3Z (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\66CFLQ53 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J99WDLC5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U4AZA5EA (Temporary Internet Files Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  05.05.2017 at 14:17:43,68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[KamilaS]

# AdwCleaner v6.046 - Log vytvořen 05/05/2017 v 14:47:57
# Aktualizováno dne 24/04/2017 z Malwarebytes
# Databáze : 2017-05-04.2 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X86)
# Uživatelské jméno : kamca - PKSZABOVI
# Spuštěno z : C:\Users\kamca\Desktop\PC PROGRAMY\adwcleaner_6.046.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

Nebyly nalezeny žádné škodlivé služby.


***** [ Složky ] *****

Nebyly nalezeny žádné škodlivé složky.


***** [ Soubory ] *****

Nebyly nalezeny žádné škodlivé soubory.


***** [ DLL ] *****

Nebyly nalezeny žádné škodlivé DLL.


***** [ WMI ] *****

Nebyly nalezeny žádné škodlivé klíče.


***** [ Zástupci ] *****

Žádný infikovaný zástupce nenalezen.


***** [ Naplánované úlohy ] *****

Žádná nebezpečná úloha nenalezena.


***** [ Registry ] *****

Nebyly nalezeny žádné škodlivé položky registru.


***** [ Internetové prohlížeče ] *****

Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox.
Nebyly nalezeny žádné škodlivé položky prohlížeče Chromium.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [1397 Bajty] - [27/04/2017 13:29:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [1318 Bajty] - [05/05/2017 14:47:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1391 Bajty] ##########

[KamilaS]

ComboFix 17-05-04.01 - kamca 05.05.2017 14:51:42.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3319.2053 [GMT 2:00]
Spuštěný z: c:\users\kamca\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {B3F630BD-538D-1B4A-14FA-14B63235278F}
SP: Avira Antivirus *Disabled/Updated* {0897D159-75B7-14C4-2E4A-2FC449B26D32}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-04-05 do 2017-05-05 )))))))))))))))))))))))))))))))
.
.
2017-05-05 12:57 . 2017-05-05 12:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-05-04 14:48 . 2017-05-04 14:48 -------- d-----w- c:\program files\CrystalDiskInfo
2017-05-03 18:10 . 2017-05-03 18:10 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2017-05-03 18:10 . 2017-05-03 18:10 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2017-05-03 08:13 . 2017-05-03 08:13 181496 ----a-w- c:\windows\system32\drivers\zamguard32.sys
2017-05-03 08:13 . 2017-05-03 08:13 181496 ----a-w- c:\windows\system32\drivers\zam32.sys
2017-05-03 08:13 . 2017-05-03 08:13 -------- d-----w- c:\program files\Zemana AntiMalware
2017-05-02 14:09 . 2017-05-02 14:09 -------- d-----w- C:\zoek
2017-05-02 12:35 . 2017-05-02 12:35 -------- d-----w- c:\users\kamca\AppData\Roaming\Avira
2017-04-27 11:31 . 2017-05-04 12:59 220088 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2017-04-27 11:31 . 2017-03-22 09:02 59904 ----a-w- c:\windows\system32\drivers\mbae.sys
2017-04-27 11:31 . 2017-04-27 11:31 -------- d-----w- c:\program files\Malwarebytes
2017-04-27 11:27 . 2017-05-05 12:47 -------- d-----w- C:\AdwCleaner
2017-04-26 20:50 . 2017-04-26 20:50 -------- d-----w- c:\programdata\Sophos
2017-04-26 20:48 . 2017-04-26 20:48 -------- d-----w- c:\program files\Sophos
2017-04-24 08:36 . 2017-04-24 08:36 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2017-04-24 08:36 . 2017-04-24 08:36 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2017-04-19 11:01 . 2017-04-19 11:01 -------- d-----w- c:\users\kamca\AppData\Local\Adobe
2017-04-18 15:42 . 2017-05-04 14:47 -------- d-----w- c:\users\kamca\AppData\Local\CrashDumps
2017-04-18 15:33 . 2017-03-21 12:01 59000 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2017-04-18 15:33 . 2017-03-21 12:01 46072 ----a-w- c:\windows\system32\drivers\avusbflt.sys
2017-04-18 15:33 . 2017-03-21 12:01 35840 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2017-04-18 15:33 . 2017-03-21 12:01 142320 ----a-w- c:\windows\system32\drivers\avipbb.sys
2017-04-18 15:33 . 2017-03-21 12:01 119264 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2017-04-18 13:47 . 2017-05-03 08:13 -------- d-----w- c:\users\kamca\AppData\Local\Zemana
2017-04-18 11:12 . 2017-04-18 11:12 -------- d-----w- c:\users\kamca\AppData\Roaming\TeamViewer
2017-04-16 15:01 . 2017-04-16 15:01 -------- d-----w- c:\users\kamca\AppData\Local\CEF
2017-04-07 18:39 . 2017-04-30 15:12 -------- d-----w- C:\The KMPlayer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-05-02 20:11 . 2016-01-26 11:00 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2017-04-12 06:47 . 2015-11-20 19:35 802904 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2017-04-12 06:47 . 2015-11-20 19:35 144472 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-10-21 14:36 . 2015-10-21 14:36 2306048 ----a-w- c:\program files\openoffice412.msi
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-06-11 10996368]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-11-24 2757424]
"Avira SystrayStartTrigger"="c:\program files\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2017-03-09 63432]
"avgnt"="c:\program files\Avira\Antivirus\avgnt.exe" [2017-04-30 912768]
"Malwarebytes TrayApp"="c:\program files\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe" [2017-01-20 2780112]
"ZAM"="c:\program files\Zemana AntiMalware\ZAM.exe" [2017-04-03 14522512]
.
c:\users\kamca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Gameroom.lnk - c:\users\kamca\AppData\Local\Facebook\Games\FacebookGameroom.exe fbgames://windows_startup/ [2017-3-2 385456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer_For_P2G10]
2015-10-28 03:20 110008 ----a-w- c:\program files\CyberLink\Power2Go10\CLMLSvc_P2G10.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress10]
2015-10-28 03:21 3063224 ----a-w- c:\program files\CyberLink\Power2Go10\Power2GoExpress10.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2016-11-15 15:33 27219928 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
R2 AntiVirMailService;Avira Mail Protection;c:\program files\Avira\Antivirus\avmailc7.exe [2017-04-30 1119712]
R2 AntiVirWebService;Avira Web Protection;c:\program files\Avira\Antivirus\avwebg7.exe [2017-04-30 1520680]
R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2017-01-24 104448]
R3 HWHandSet;HWUSBSERSP;c:\windows\system32\DRIVERS\hw_quusbmdm.sys [2016-11-25 195200]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2016-09-30 102912]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 642520]
R3 MBAMWebProtection;MBAMWebProtection;c:\windows\system32\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
S0 avusbflt;avusbflt;c:\windows\System32\Drivers\avusbflt.sys [2017-03-21 46072]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2017-03-21 35840]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam32.sys [2017-05-03 181496]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard32.sys [2017-05-03 181496]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\Antivirus\sched.exe [2017-04-30 488920]
S2 Avira.ServiceHost;Avira Service Host;c:\program files\Avira\Launcher\Avira.ServiceHost.exe [2017-03-09 349560]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys [2017-03-21 59000]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files\Freemake\CaptureLib\CaptureLibService.exe [2017-01-24 9216]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-11-24 922928]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2013-08-27 595968]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
S2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-01-20 3303888]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2011-02-11 35088]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-11-24 1872688]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-11-24 4611888]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [2016-09-16 426040]
S2 ZAMSvc;ZAM Controller Service;c:\program files\Zemana AntiMalware\ZAM.exe [2017-04-03 14522512]
S3 CLVirtualBus01;CyberLink Virtual CDROM Bus Enumerator;c:\windows\system32\DRIVERS\CLVirtualBus01.sys [2014-11-05 79624]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2017-05-04 220088]
S3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\TeeDriver.sys [2013-09-16 85464]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-11-24 18736]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2015-11-24 6288688]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2015-11-24 44840]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2014-06-17 718552]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
utcsvc REG_MULTI_SZ DiagTrack
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2017-04-05 00:38 323664 ----a-w- c:\program files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\kamca\AppData\Roaming\Mozilla\Firefox\Profiles\5lry4bt3.default-1485946732013\
FF - prefs.js: browser.startup.homepage - hxxp://pc-help.cnews.cz/viewtopic.php?f ... b/2017/5/3
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-DivXMediaServer - c:\program files\DivX\DivX Media Server\DivXMediaServer.exe
AddRemove-YTD_Pepak - c:\program files\YTD\ytd.exe
AddRemove-{0b46d918-af4f-4612-8076-5c0ae67cb2aa} - c:\programdata\Package Cache\{0b46d918-af4f-4612-8076-5c0ae67cb2aa}\Avira.OE.Setup.Bundle.exe
AddRemove-{22154f09-719a-4619-bb71-5b3356999fbf} - c:\programdata\Package Cache\{22154f09-719a-4619-bb71-5b3356999fbf}\vcredist_x86.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2017-05-05 14:58:09
ComboFix-quarantined-files.txt 2017-05-05 12:58
.
Před spuštěním: Volných bajtů: 272 249 729 024
Po spuštění: Volných bajtů: 272 362 999 808
.
- - End Of File - - 59C9DC3B58DE300F421F3FF98234483D
A36C5E4F47E84449FF07ED3517B43A31

[jaro3]

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

RAM OK.

[KamilaS]

ComboFix 17-05-04.01 - kamca 07.05.2017 18:53:27.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3319.2169 [GMT 2:00]
Spuštěný z: c:\users\kamca\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\kamca\Desktop\CFScript.txt
AV: Avira Antivirus *Disabled/Updated* {B3F630BD-538D-1B4A-14FA-14B63235278F}
SP: Avira Antivirus *Disabled/Updated* {0897D159-75B7-14C4-2E4A-2FC449B26D32}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-04-07 do 2017-05-07 )))))))))))))))))))))))))))))))
.
.
2017-05-07 17:00 . 2017-05-07 17:00 -------- d-----w- c:\users\Public\AppData\Local\temp
2017-05-07 17:00 . 2017-05-07 17:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-05-07 14:24 . 2017-05-07 14:24 -------- d-----w- c:\programdata\Package Cache
2017-05-04 14:48 . 2017-05-04 14:48 -------- d-----w- c:\program files\CrystalDiskInfo
2017-05-03 18:10 . 2017-05-03 18:10 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2017-05-03 18:10 . 2017-05-03 18:10 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2017-05-03 08:13 . 2017-05-03 08:13 181496 ----a-w- c:\windows\system32\drivers\zamguard32.sys
2017-05-03 08:13 . 2017-05-03 08:13 181496 ----a-w- c:\windows\system32\drivers\zam32.sys
2017-05-03 08:13 . 2017-05-03 08:13 -------- d-----w- c:\program files\Zemana AntiMalware
2017-05-02 14:09 . 2017-05-02 14:09 -------- d-----w- C:\zoek
2017-05-02 12:35 . 2017-05-02 12:35 -------- d-----w- c:\users\kamca\AppData\Roaming\Avira
2017-04-27 11:31 . 2017-05-07 14:24 220088 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2017-04-27 11:31 . 2017-03-22 09:02 59904 ----a-w- c:\windows\system32\drivers\mbae.sys
2017-04-27 11:31 . 2017-04-27 11:31 -------- d-----w- c:\program files\Malwarebytes
2017-04-27 11:27 . 2017-05-05 12:47 -------- d-----w- C:\AdwCleaner
2017-04-26 20:50 . 2017-04-26 20:50 -------- d-----w- c:\programdata\Sophos
2017-04-26 20:48 . 2017-04-26 20:48 -------- d-----w- c:\program files\Sophos
2017-04-24 08:36 . 2017-04-24 08:36 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2017-04-24 08:36 . 2017-04-24 08:36 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2017-04-19 11:01 . 2017-04-19 11:01 -------- d-----w- c:\users\kamca\AppData\Local\Adobe
2017-04-18 15:42 . 2017-05-04 14:47 -------- d-----w- c:\users\kamca\AppData\Local\CrashDumps
2017-04-18 15:33 . 2017-03-21 12:01 59000 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2017-04-18 15:33 . 2017-03-21 12:01 46072 ----a-w- c:\windows\system32\drivers\avusbflt.sys
2017-04-18 15:33 . 2017-03-21 12:01 35840 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2017-04-18 15:33 . 2017-03-21 12:01 142320 ----a-w- c:\windows\system32\drivers\avipbb.sys
2017-04-18 15:33 . 2017-03-21 12:01 119264 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2017-04-18 13:47 . 2017-05-03 08:13 -------- d-----w- c:\users\kamca\AppData\Local\Zemana
2017-04-18 11:12 . 2017-04-18 11:12 -------- d-----w- c:\users\kamca\AppData\Roaming\TeamViewer
2017-04-16 15:01 . 2017-04-16 15:01 -------- d-----w- c:\users\kamca\AppData\Local\CEF
2017-04-07 18:39 . 2017-04-30 15:12 -------- d-----w- C:\The KMPlayer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-05-02 20:11 . 2016-01-26 11:00 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2017-04-12 06:47 . 2015-11-20 19:35 802904 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2017-04-12 06:47 . 2015-11-20 19:35 144472 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-10-21 14:36 . 2015-10-21 14:36 2306048 ----a-w- c:\program files\openoffice412.msi
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-06-11 10996368]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-11-24 2757424]
"Avira SystrayStartTrigger"="c:\program files\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2017-04-11 61944]
"avgnt"="c:\program files\Avira\Antivirus\avgnt.exe" [2017-04-30 912768]
"Malwarebytes TrayApp"="c:\program files\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe" [2017-01-20 2780112]
"ZAM"="c:\program files\Zemana AntiMalware\ZAM.exe" [2017-04-03 14522512]
.
c:\users\kamca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Gameroom.lnk - c:\users\kamca\AppData\Local\Facebook\Games\FacebookGameroom.exe fbgames://windows_startup/ [2017-3-2 385456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer_For_P2G10]
2015-10-28 03:20 110008 ----a-w- c:\program files\CyberLink\Power2Go10\CLMLSvc_P2G10.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress10]
2015-10-28 03:21 3063224 ----a-w- c:\program files\CyberLink\Power2Go10\Power2GoExpress10.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2016-11-15 15:33 27219928 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
R2 AntiVirMailService;Avira Mail Protection;c:\program files\Avira\Antivirus\avmailc7.exe [2017-04-30 1119712]
R2 AntiVirWebService;Avira Web Protection;c:\program files\Avira\Antivirus\avwebg7.exe [2017-04-30 1520680]
R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2017-01-24 104448]
R3 HWHandSet;HWUSBSERSP;c:\windows\system32\DRIVERS\hw_quusbmdm.sys [2016-11-25 195200]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2016-09-30 102912]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 642520]
R3 MBAMWebProtection;MBAMWebProtection;c:\windows\system32\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
S0 avusbflt;avusbflt;c:\windows\System32\Drivers\avusbflt.sys [2017-03-21 46072]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2017-03-21 35840]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam32.sys [2017-05-03 181496]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard32.sys [2017-05-03 181496]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\Antivirus\sched.exe [2017-04-30 488920]
S2 Avira.ServiceHost;Avira Service Host;c:\program files\Avira\Launcher\Avira.ServiceHost.exe [2017-04-11 350120]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys [2017-03-21 59000]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files\Freemake\CaptureLib\CaptureLibService.exe [2017-01-24 9216]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-11-24 922928]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2013-08-27 595968]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
S2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-01-20 3303888]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2011-02-11 35088]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-11-24 1872688]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-11-24 4611888]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [2016-09-16 426040]
S2 ZAMSvc;ZAM Controller Service;c:\program files\Zemana AntiMalware\ZAM.exe [2017-04-03 14522512]
S3 CLVirtualBus01;CyberLink Virtual CDROM Bus Enumerator;c:\windows\system32\DRIVERS\CLVirtualBus01.sys [2014-11-05 79624]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2017-05-07 220088]
S3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\TeeDriver.sys [2013-09-16 85464]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-11-24 18736]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2015-11-24 6288688]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2015-11-24 44840]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2014-06-17 718552]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
utcsvc REG_MULTI_SZ DiagTrack
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2017-04-05 00:38 323664 ----a-w- c:\program files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\kamca\AppData\Roaming\Mozilla\Firefox\Profiles\5lry4bt3.default-1485946732013\
FF - prefs.js: browser.startup.homepage - hxxp://pc-help.cnews.cz/viewtopic.php?f ... b/2017/5/3
.
.
Celkový čas: 2017-05-07 19:01:52
ComboFix-quarantined-files.txt 2017-05-07 17:01
ComboFix2.txt 2017-05-05 12:58
.
Před spuštěním: Volných bajtů: 269 466 337 280
Po spuštění: Volných bajtů: 269 415 239 680
.
- - End Of File - - 83B293C62D7D054BC50D5706422C22C0
A36C5E4F47E84449FF07ED3517B43A31

[KamilaS]

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2017-05-07 19:10:25
-----------------------------
19:10:25.079 OS Version: Windows 6.1.7601 Service Pack 1
19:10:25.079 Number of processors: 2 586 0x2A07
19:10:25.079 ComputerName: PKSZABOVI UserName: kamca
19:10:27.653 Initialize success
19:10:27.746 VM: initialized successfully
19:10:27.746 VM: Intel CPU supported
19:10:29.750 VM: not used
19:10:35.298 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:10:35.298 Disk 0 Vendor: WDC_WD10EALX-009BA0 15.01H15 Size: 953869MB BusType: 11
19:10:35.392 Disk 0 MBR read successfully
19:10:35.392 Disk 0 MBR scan
19:10:35.392 Disk 0 Windows 7 default MBR code
19:10:35.407 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
19:10:35.407 Disk 0 Boot: NTFS code=2
19:10:35.407 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
19:10:35.423 Disk 0 scanning sectors +1953521664
19:10:35.470 Disk 0 scanning C:\Windows\system32\drivers
19:10:43.114 Service scanning
19:10:59.400 Modules scanning
19:10:59.400 Disk 0 trace - called modules:
19:10:59.416 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys
19:10:59.416 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x867ad178]
19:10:59.416 3 CLASSPNP.SYS[8c3b059e] -> nt!IofCallDriver -> [0x866bdc10]
19:10:59.431 5 ACPI.sys[8be3a3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x862f1908]
19:10:59.431 Disk 0 statistics 87600/0/0 @ 6,87 MB/s
19:10:59.431 Scan finished successfully
19:11:24.849 Disk 0 MBR has been saved successfully to "C:\Users\kamca\Desktop\MBR.dat"
19:11:24.849 The log file has been saved successfully to "C:\Users\kamca\Desktop\aswMBR.txt"

[jerabina]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Co problémy? + nový log z HJT

[KamilaS]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:17:14, on 7.5.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18500)

FIREFOX: 53.0.2 (x86 cs)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Avira\Antivirus\avgnt.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\Zemana AntiMalware\ZAM.exe
C:\Users\kamca\AppData\Local\Facebook\Games\FacebookGameroom.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Avira\Launcher\Avira.Systray.exe
C:\Users\kamca\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\kamca\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
O1 - Hosts: ::1 localhost
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Antivirus\avgnt.exe" /min
O4 - HKLM\..\Run: [Malwarebytes TrayApp] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
O4 - HKLM\..\Run: [ZAM] "C:\Program Files\Zemana AntiMalware\ZAM.exe" /minimized
O4 - Startup: Facebook Gameroom.lnk = kamca\AppData\Local\Facebook\Games\FacebookGameroom.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files\Zemana AntiMalware\ZAM.exe

--
End of file - 6011 bytes

[KamilaS]

ff jde a neseká se i pc už je v původním stavu, mooc děkuju zase:)
můžu se ještě zeptat, existuje vůbec nějaká ochrana při "downloadech" (tor.)?

díky a v příštím týdnu zašlu pár kaček:)