PC-HELP.CZ

Dobrý deň. Mám problém so spamom v Google Chrome. Mohli by ste mi prosím vás pomôcť odvíriť komp? Stalo sa to po tom, keď môj známy stiahol z torrent trackeru namiesto knihy nejaký downloader, keď klikol na "direct download" a už bol problém. Skúšal som ho odvíriť pomocou MBAM, no nepomohlo to. Tie stránky sú dosť dotieravé a nedávajú pokoj. Tiež sa občas stane, že nefungujú odkazy a ak sa na ne klikne viac krát, nabehne nová karta a tá hneď aj zmizne. Ďakujem.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:46:05, on 25.01.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\orose\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\orose\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
C:\Users\orose\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
C:\Users\orose\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [OneDrive] "C:\Users\orose\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Users\orose\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel Bluetooth Service (ibtsiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LenovoPortalService - Unknown owner - C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Update Agent (UpdateAgentService) - Unknown owner - C:\Program Files\update\UpdateAgent.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13367 bytes

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

===================================================

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

===================================================

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

===================================================

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na Kopírovat do schránky a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

Len pred hodinou som spúšťal test a uložil nájdené hrozby. Potom som spúšťal znova a už potom nič nenašlo. Teraz som znova spustil a už mi našlo. Zjavne to robí po každom reštarte.

Malwarebytes Anti-Malware
www.malwarebytes.org

Dátum kontroly: 25.01.2016
Čas kontroly: 15:23
Protokol:
Správca: Áno

Verzia: 2.2.0.1024
Dazabáza malware: v2016.01.25.01
Databáza rootkitov: v2016.01.20.01
Licencia: Bezplatná verzia
Ochrana pred škodlivým softvérom: Vypnuté
Ochrana pred škodlivými webstránkami: Vypnuté
Vlastná ochrana: Vypnuté

OS: Windows 10
CPU: x64
Súborový systém: NTFS
Používateľ: orose

Typ kontroly: Kontrola hrozieb
Výsledok: Dokončená
Skontrolovaných objektov: 334185
Uplynulý čas: 5 min, 0 s

Pamäť: Zapnuté
Pri spustení: Zapnuté
Súborový systém: Zapnuté
Archívy: Zapnuté
Rootkity: Vypnuté
Heuristika: Zapnuté
PUP: Zapnuté
PUM: Zapnuté

Procesy: 0
(Žiadne škodlivé položky neboli zistené)

Moduly: 0
(Žiadne škodlivé položky neboli zistené)

Kľúče databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)

Hodnoty databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)

Údaj databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)

Priečinky: 0
(Žiadne škodlivé položky neboli zistené)

Súbory: 2
PUP.Optional.CrossRider, C:\Users\orose\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage, , [d104ef4e7524c670b03f1b22dd27817f],
PUP.Optional.CrossRider, C:\Users\orose\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal, , [9f365edf26737bbb4fa00a3352b216ea],

Fyzické sektory: 0
(Žiadne škodlivé položky neboli zistené)

(end)
_________________________________________________________________________________________________

# AdwCleaner v3.212 - Report created 17/01/2016 at 18:11:38
# Updated 05/06/2014 by Xplode
# Operating System : Windows 10 Home (64 bits)
# Username : orose - LAPTOP-L3921DIP
# Running from : F:\Zálohy\Kingston zaloha\pc-odvirenie\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Found : C:\Users\orose\AppData\Local\Media Get LLC

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Media Get LLC
Key Found : [x64] HKCU\Software\Media Get LLC

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.10586.20

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://mystart.lenovo.com
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.lenovo.com

-\\ Google Chrome v47.0.2526.111

[ File : C:\Users\orose\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1003 octets] - [17/01/2016 18:11:38]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1063 octets] ##########
# AdwCleaner v3.212 - Report created 25/01/2016 at 15:19:17
# Updated 05/06/2014 by Xplode
# Operating System : Windows 10 Home (64 bits)
# Username : orose - LAPTOP-L3921DIP
# Running from : F:\Zálohy\Kingston zaloha\pc-odvirenie\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Media Get LLC
Key Found : [x64] HKCU\Software\Media Get LLC

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.10586.20

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://mystart.lenovo.com
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.lenovo.com

-\\ Google Chrome v47.0.2526.111

[ File : C:\Users\orose\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2091 octets] - [17/01/2016 18:11:38]
AdwCleaner[S0].txt - [1114 octets] - [17/01/2016 18:12:26]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2211 octets] ##########

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Cleaning (Vymazat)“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

. spusť znovu Malwarebytes' Anti-Malware a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“ , v okně na pak na „Open TXT“ a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Dátum kontroly: 25.01.2016
Čas kontroly: 20:16
Protokol:
Správca: Áno

Verzia: 2.2.0.1024
Dazabáza malware: v2016.01.25.03
Databáza rootkitov: v2016.01.20.01
Licencia: Bezplatná verzia
Ochrana pred škodlivým softvérom: Vypnuté
Ochrana pred škodlivými webstránkami: Vypnuté
Vlastná ochrana: Vypnuté

OS: Windows 10
CPU: x64
Súborový systém: NTFS
Používateľ: orose

Typ kontroly: Kontrola hrozieb
Výsledok: Dokončená
Skontrolovaných objektov: 335756
Uplynulý čas: 5 min, 21 s

Pamäť: Zapnuté
Pri spustení: Zapnuté
Súborový systém: Zapnuté
Archívy: Zapnuté
Rootkity: Vypnuté
Heuristika: Zapnuté
PUP: Zapnuté
PUM: Zapnuté

Procesy: 0
(Žiadne škodlivé položky neboli zistené)

Moduly: 0
(Žiadne škodlivé položky neboli zistené)

Kľúče databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)

Hodnoty databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)

Údaj databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)

Priečinky: 0
(Žiadne škodlivé položky neboli zistené)

Súbory: 0
(Žiadne škodlivé položky neboli zistené)

Fyzické sektory: 0
(Žiadne škodlivé položky neboli zistené)

(end)
_____________________________________________________

# AdwCleaner v3.212 - Report created 25/01/2016 at 20:24:50
# Updated 05/06/2014 by Xplode
# Operating System : Windows 10 Home (64 bits)
# Username : orose - LAPTOP-L3921DIP
# Running from : F:\Zálohy\Kingston zaloha\pc-odvirenie\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.10586.20

-\\ Google Chrome v47.0.2526.111

[ File : C:\Users\orose\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2295 octets] - [17/01/2016 18:11:38]
AdwCleaner[R1].txt - [1208 octets] - [25/01/2016 15:39:41]
AdwCleaner[R2].txt - [941 octets] - [25/01/2016 15:42:56]
AdwCleaner[R3].txt - [802 octets] - [25/01/2016 20:24:50]
AdwCleaner[S0].txt - [2228 octets] - [17/01/2016 18:12:26]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [921 octets] ##########
_____________________________________________________________________

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.0 (04.20.2015:1)
OS: Windows 10 Home x64
Ran by orose on 25.01.2016 at 20:28:50,19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.01.2016 at 20:34:19,94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
_____________________________________________________________

RogueKiller V11.0.9.0 (x64) [Jan 24 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.10586) 64 bits version
Started in : Normal mode
User : orose [Administrator]
Started from : F:\Zálohy\Kingston zaloha\pc-odvirenie\RogueKillerX64.exe
Mode : Scan -- Date : 01/25/2016 21:06:56

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 20 (Driver: Loaded) ¤¤¤
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0x1f03fc (jmp 0x88a0f0cc|jmp 0x7415d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xc003fc (jmp 0x8941f0cc|jmp 0x7374d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0x10b03fc (jmp 0x898cf0cc|jmp 0x7329d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xec03fc (jmp 0x896df0cc|jmp 0x7348d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0x7603fc (jmp 0x88f7f0cc|jmp 0x73bed334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0x7703fc (jmp 0x88f8f0cc|jmp 0x73bdd334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0x9e03fc (jmp 0x891ff0cc|jmp 0x7396d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xd603fc (jmp 0x8957f0cc|jmp 0x735ed334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xa203fc (jmp 0x8923f0cc|jmp 0x7392d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xb603fc (jmp 0x8937f0cc|jmp 0x737ed334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xf003fc (jmp 0x8971f0cc|jmp 0x7344d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0x4603fc (jmp 0x88c7f0cc|jmp 0x73eed334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0x5203fc (jmp 0x88d3f0cc|jmp 0x73e2d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0x7003fc (jmp 0x88f1f0cc|jmp 0x73c4d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0x7403fc (jmp 0x88f5f0cc|jmp 0x73c0d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xe903fc (jmp 0x896af0cc|jmp 0x734bd334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0x8f03fc (jmp 0x8910f0cc|jmp 0x73a5d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xb703fc (jmp 0x8938f0cc|jmp 0x737dd334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xb903fc (jmp 0x893af0cc|jmp 0x737bd334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xf703fc (jmp 0x8978f0cc|jmp 0x733dd334)

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST1000LM014-SSHD-8GB +++++
--- User ---
[MBR] f3d550c501e6cc3bbef734b222981a9f
[BSP] 35757e58539e65ea97183b3db3a6c234 : Empty|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 260 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 534528 | Size: 16 MB
2 - Basic data partition | Offset (sectors): 567296 | Size: 906288 MB
3 - Basic data partition | Offset (sectors): 1856645120 | Size: 25600 MB
4 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1909073920 | Size: 1000 MB
5 - Basic data partition | Offset (sectors): 1911121920 | Size: 19704 MB
6 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1951475712 | Size: 1000 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST2000LM 003 HN-M201R USB Device +++++
--- User ---
[MBR] 2ba1ae31c4cda3b7fe5d1fd7593bef22
[BSP] 67e43ec3d7f3271194df27e54b4077b1 : Empty|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907724 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )

Vypni antivir i firewall.
Stáhni
Zoek.exe

a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Vlož nový log z HJT + informuj o problémech.

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by orose on 27.01.2016 at 10:19:39,76.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: F:\Zálohy\Kingston zaloha\pc-odvirenie\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

27.01.2016 10:21:48 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\SUPPORTDIR deleted successfully
C:\Users\orose\AppData\Local\ActiveSync deleted successfully
C:\Users\orose\AppData\Local\MediaShow deleted successfully
C:\Users\orose\AppData\Local\NetworkTiles deleted successfully
C:\Users\orose\AppData\Local\Skype deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [19.01.2016 21:31]

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[28.11.2015 18:13]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[08.01.2016 10:47]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
dbaonaocldpohelilahfhnkmjankmbcc - No path found[]

AdBlock - orose\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Avast Online Security - orose\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
FB2 Reader - orose\AppData\Local\Google\Chrome\User Data\Default\Extensions\imcncdfdhemlpcblfkilloceahbhddnj

==== Chromium Fix ======================

C:\Users\orose\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.mail.ru_0.localstorage deleted successfully
C:\Users\orose\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.mail.ru_0.localstorage-journal deleted successfully
C:\Users\orose\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adfreeapk.net_0.localstorage deleted successfully
C:\Users\orose\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adfreeapk.net_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
"Secondary Start Pages"="http://www.google.com"
"Default_Secondary_Page_URL"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Secondary_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
"Secondary Start Pages"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{00214F65-7D91-4A66-BC8C-4D6F1786C349}"
HKLM\SearchScopes\{00214F65-7D91-4A66-BC8C-4D6F1786C349} - http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"=""
HKLM\Wow6432Node\SearchScopes\{00214F65-7D91-4A66-BC8C-4D6F1786C349} - http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{00214F65-7D91-4A66-BC8C-4D6F1786C349} - No_Url_Value
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\orose\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\orose\AppData\Local\Microsoft\Windows\INetCache\IE\5AMNX669 will be deleted at reboot
C:\Users\orose\AppData\Local\Microsoft\Windows\INetCache\IE\FSW49O82 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\orose\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=42 folders=38 107992761 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\orose\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\orose\AppData\Local\Microsoft\Windows\INetCache\IE\5AMNX669" not found
"C:\Users\orose\AppData\Local\Microsoft\Windows\INetCache\IE\FSW49O82" not found

==== EOF on 27.01.2016 at 10:35:48,51 ======================
___________________________________________________________________________

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-01-27 10:38:31
-----------------------------
10:38:31.773 OS Version: Windows x64 6.2.9200
10:38:31.773 Number of processors: 4 586 0x3D04
10:38:31.773 ComputerName: LAPTOP-L3921DIP UserName: orose
10:38:39.796 Initialize success
10:38:39.827 VM: initialized successfully
10:38:39.827 VM: Intel CPU BiosDisabled
10:38:41.833 AVAST engine defs: 16012700
10:39:06.056 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002c
10:39:06.056 Disk 0 Vendor: ST1000LM014-SSHD-8GB LVD5 Size: 953869MB BusType: 11
10:39:06.076 Disk 0 MBR read successfully
10:39:06.076 Disk 0 MBR scan
10:39:06.076 Disk 0 unknown MBR code
10:39:06.088 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
10:39:06.088 Disk 0 scanning C:\WINDOWS\system32\drivers
10:39:17.256 Service scanning
10:39:23.522 Modules scanning
10:39:23.522 Disk 0 trace - called modules:
10:39:23.538 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys
10:39:23.554 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe00156e4c060]
10:39:23.569 3 CLASSPNP.SYS[fffff801ae957d95] -> nt!IofCallDriver -> [0xffffe00154a3d300]
10:39:23.569 5 ACPI.sys[fffff801adb11361] -> nt!IofCallDriver -> \Device\0000002c[0xffffe00152cde400]
10:39:30.470 AVAST engine scan C:\WINDOWS
10:39:39.639 AVAST engine scan C:\WINDOWS\system32
10:41:26.958 AVAST engine scan C:\WINDOWS\system32\drivers
10:41:45.465 AVAST engine scan C:\Users\orose
10:47:44.050 AVAST engine scan C:\ProgramData
10:49:13.846 Disk 0 statistics 2139175/0/0 @ 2,89 MB/s
10:49:13.861 Scan finished successfully
10:50:18.093 Disk 0 MBR has been saved successfully to "F:\Zálohy\Kingston zaloha\pc-odvirenie\MBR.dat"
10:50:18.093 The log file has been saved successfully to "F:\Zálohy\Kingston zaloha\pc-odvirenie\aswMBR.txt"
____________________________________________________________________________________________________

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:55:20, on 27.01.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\notepad.exe
C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\orose\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\orose\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\orose\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
C:\Users\orose\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
F:\Zálohy\Kingston zaloha\pc-odvirenie\aswmbr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [OneDrive] "C:\Users\orose\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Users\orose\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel Bluetooth Service (ibtsiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LenovoPortalService - Unknown owner - C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Update Agent (UpdateAgentService) - Unknown owner - C:\Program Files\update\UpdateAgent.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13329 bytes
____________________________________________________________________

Zatiaľ sa nevyskytli žiadne problémy. Ak sa to náhodou vráti, ozvem sa.

V HJT fixni:
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

Vyčisti systém CCleanerem

====================================================

Stáhni si zde DelFix
http://general-changelog-team.fr/fr/dow ... e/9-delfix

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore) .
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci.

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem. Jinak je zpráva zde: C: \ DelFix.txt

Pokud nejsou problémy, je to vše a můžeš dát vyřešeno , zelenou fajfku.

to je všetko, nezaznamenal som žiadne ďalšie problémy.

# DelFix v1.011 - Logfile created 10/02/2016 at 11:29:19
# Updated 18/08/2015 by Xplode
# Username : orose - LAPTOP-L3921DIP
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\RegBackup
Deleted : C:\Program Files (x86)\Trend Micro\Hijackthis
Deleted : C:\WINDOWS\Snack
Deleted : C:\TDSSKiller.2.8.15.0_25.01.2016_12.52.21_log.txt
Deleted : C:\TDSSKiller.3.1.0.9_25.01.2016_12.52.59_log.txt
Deleted : C:\zoek-results.log
Deleted : C:\Users\orose\Desktop\JRT.txt
Deleted : C:\Users\orose\Desktop\HiJackThis.lnk
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #10 [Sony PC Companion | 01/24/2016 23:02:14]
Deleted : RP #11 [zoek.exe restore point | 01/27/2016 09:21:23]
Deleted : RP #12 [Windows Update | 01/31/2016 16:24:49]
Deleted : RP #13 [Scheduled Checkpoint | 02/09/2016 20:03:35]

New restore point created !

########## - EOF - ##########

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

PC-HELP.CZ

Kontrola logu - spam

Kontrola logu - spam Vyřešeno

Re: Kontrola logu - spam

Re: Kontrola logu - spam

Re: Kontrola logu - spam

Re: Kontrola logu - spam

Re: Kontrola logu - spam

Re: Kontrola logu - spam

Re: Kontrola logu - spam

Re: Kontrola logu - spam

Re: Kontrola logu - spam