Notebook zamrzá Prosím o kontrolu logu

[robotus]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 7 Home Premium x64
Ran by Jiýˇ Jamnˇk (Administrator) on st 16.03.2016 at 12:07:47.23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 26

Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\user.js (File)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Roaming\opencandy (Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\66RW11YR (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\68S2UEEW (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7QQ1RSV9 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\98VTLVK9 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHZLOP65 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EUXQKFN6 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NHUFD1KZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TYQX0Y4G (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\66RW11YR (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\68S2UEEW (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7QQ1RSV9 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\98VTLVK9 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHZLOP65 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EUXQKFN6 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NHUFD1KZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TYQX0Y4G (Temporary Internet Files Folder)



Registry: 2

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{583FE9F2-6678-46BA-84F8-266728073E03} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C228DE78-AD7F-4993-8E37-89886B666D06} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 16.03.2016 at 12:13:12.78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Reklama]

[robotus]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 7 Home Premium x64
Ran by Jiýˇ Jamnˇk (Administrator) on st 16.03.2016 at 12:07:47.23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 26

Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\user.js (File)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Roaming\opencandy (Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\66RW11YR (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\68S2UEEW (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7QQ1RSV9 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\98VTLVK9 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHZLOP65 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EUXQKFN6 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NHUFD1KZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TYQX0Y4G (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\66RW11YR (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\68S2UEEW (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7QQ1RSV9 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\98VTLVK9 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHZLOP65 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EUXQKFN6 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NHUFD1KZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TYQX0Y4G (Temporary Internet Files Folder)



Registry: 2

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{583FE9F2-6678-46BA-84F8-266728073E03} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C228DE78-AD7F-4993-8E37-89886B666D06} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 16.03.2016 at 12:13:12.78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[robotus]

RogueKiller V12.0.2.0 (x64) [Mar 14 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Ji?í Jamník [Práva správce]
Started from : C:\Users\Ji?í Jamník\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 03/16/2016 13:21:32

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2419117446-1860271502-1876842869-1001\Software

\Microsoft\Internet Explorer\Main | Default_Page_URL : http://toshiba.msn.com -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2419117446-1860271502-1876842869-1001\Software

\Microsoft\Internet Explorer\Main | Default_Page_URL : http://toshiba.msn.com -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 3 ¤¤¤
[Keylogger][Složka] C:\Users\Ji?í Jamník\AppData\Roaming\FK_Monitor -> Nalezeno
[PUP][Složka] C:\ProgramData\{00BAB1C5-D99B-4EF4-B1D6-1DEB5DA070DA} -> Nalezeno
[PUP][Složka] C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} -> Nalezeno

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] gexw2bdx.default : user_pref("browser.startup.homepage",

"http://artodyssey1.blogspot.cz/search?q=joyce+ho"); -> Nalezeno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD7500BPVX-22JC3T0 +++++
--- User ---
[MBR] dd045539c42ca135bc72021893d2edf2
[BSP] 7092d10aeec3b2fad8f8b17b6e04cd8a : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 800 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1638630 | Size: 238472 MB [Windows Vista/7/8

Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 490030695 | Size: 476129 MB [Windows

Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

[robotus]

RogueKiller našel 6 threads. Mám je odstranit? Nebo jen ty tři, které označil? Dík za rady.

[jerabina]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)
- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni antivir
Stáhni
Zoek.exe

a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[robotus]

Díky za pomoc Jerabino. Ještě než to zkusím, tak pro info:
- Body obnovy jsem zkoušel - selžou
- Po restartu nikdy comp nenaběhne (až tak na čtvrtý až jedenáctý pokus)
- F8 po restartu nereaguje (comp jde spustit jen klasicky, ale ještě jsem to nezkoušel z msconfig)

mám se do postupu podle tvých instrukcí přesto pustit?

Dík

[jerabina]

Ano. Je tam havěť.

[robotus]

Trochu to zrekapituluji. Než si mi napsal RK původně našel 6 threads z toho 3 zaškrtnul a ty jsem smazal. Pak si mi napsal. Já jsem to projel RK znovu a našel zbylé tři, které jsem označil a smazal. Když jsem otvíral log, tak to zamrzlo. Restartoval jsem comp, kterej nabíhá pouze když mačkám střídavě F10 a enter (u toho je stále černá obrazovka). V historii RK jsem našel 2 logy z tohoto času, který přikládám. Comp už nezamrzá při spuštění videa v prohlížeči, nicméně spustit jde pouze když mačkám F10 a enter.

RogueKiller V12.0.2.0 (x64) [Mar 14 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Ji?í Jamník [Práva správce]
Started from : C:\Users\Ji?í Jamník\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 03/18/2016 00:13:21

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2419117446-1860271502-1876842869-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://toshiba.msn.com -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2419117446-1860271502-1876842869-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://toshiba.msn.com -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] gexw2bdx.default : user_pref("browser.startup.homepage", "http://artodyssey1.blogspot.cz/search?q=joyce+ho"); -> Nalezeno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD7500BPVX-22JC3T0 +++++
--- User ---
[MBR] dd045539c42ca135bc72021893d2edf2
[BSP] 7092d10aeec3b2fad8f8b17b6e04cd8a : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 800 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1638630 | Size: 238472 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 490030695 | Size: 476129 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

[robotus]

RogueKiller V12.0.2.0 (x64) [Mar 14 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Ji?í Jamník [Práva správce]
Started from : C:\Users\Ji?í Jamník\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 03/18/2016 00:16:00

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2419117446-1860271502-1876842869-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://toshiba.msn.com -> Nahrazeno (http://www.microsoft.com/isapi/redir.dl ... ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2419117446-1860271502-1876842869-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://toshiba.msn.com -> Nahrazeno (http://www.microsoft.com/isapi/redir.dl ... ar=msnhome)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] gexw2bdx.default : user_pref("browser.startup.homepage", "http://artodyssey1.blogspot.cz/search?q=joyce+ho"); -> Nahrazeno (about:home)

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD7500BPVX-22JC3T0 +++++
--- User ---
[MBR] dd045539c42ca135bc72021893d2edf2
[BSP] 7092d10aeec3b2fad8f8b17b6e04cd8a : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 800 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1638630 | Size: 238472 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 490030695 | Size: 476129 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

[jaro3]

Ještě zoek a Combofix.

[robotus]

Btw Zoek mi nenabídl restart, takže jsem nevěděl, že už nepracuje.

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Jiýˇ Jamnˇk on p  18.03.2016 at 10:06:59.77.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\JIJAMN~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

18.3.2016 10:08:20 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Brother deleted successfully
C:\PROGRA~2\Dassault Systemes deleted successfully
C:\PROGRA~2\GRETECH deleted successfully
C:\Program Files\Google deleted successfully
C:\Users\JIJAMN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\CD to MP3 Freeware deleted successfully
C:\Users\JIJAMN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Notepad++ deleted successfully
C:\Users\JIJAMN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\PDF Editor 3.3 deleted successfully
C:\Users\Default\AppData\\LocalGoogle deleted successfully
C:\Users\JIJAMN~1\AppData\\LocalGoogle deleted successfully
C:\Users\JIJAMN~1\AppData\Local\._Revolution_ deleted successfully
C:\Users\JIJAMN~1\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\JIJAMN~1\AppData\Local\EmieSiteList deleted successfully
C:\Users\JIJAMN~1\AppData\Local\EmieUserList deleted successfully

[robotus]

Jak douho cca trvá scan Zoek? Nejsem si jistej jestli to dokončil. Po hodině a půl, když se v okně Zoeku nic nedělo, tak jsem se podíval na disk jestli vytvořil nějaký log a ten jsem sem umístil, ale když jsem pak zavřel prohlížeč a chtěl zavřít okno Zoek, hodil mi hlášku, že Zoek pracuje ať neotvírám prohlížeč. Příjde mi, že Zoek ale nic nedělá.