Zpomalený prohlížeč Firefox

Zpráva

Archicz · #1 Příspěvek od **Archicz** » 21 črc 2015 13:53

Zdravím, poslední dobou se u PC projevuje pomalé nabíhání Firefoxu a ke zpomalení celého PC, prosím o kontrolu logu.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Administrator at 2015-07-21 14:50:20
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 132 GB (86%) free of 153 GB
Total RAM: 1023 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:50:38, on 21.7.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Zrychleni Pocitace\PCSUService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Plocha\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: EmailBHO - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - C:\Program Files\jZip\WebmailPlugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-602162358-1004336348-1801674531-1001\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-602162358-1004336348-1801674531-1001\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: CiSvc - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: ClipSrv - Unknown owner - C:\WINDOWS\system32\clipsrv.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PC Speed Up Service (PCSUService) - Optimal Software s.r.o. - C:\Program Files\Zrychleni Pocitace\PCSUService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7473 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-602162358-1004336348-1801674531-500Core.job - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-602162358-1004336348-1801674531-500UA.job - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cf9114a955f9f0.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cff35adc857a18.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d000e745906722.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d042f49adb2150.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d09307a0e0a378.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0c164fa269b84.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-18Core.job - C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job - C:\Program Files\Microsoft Security Client\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges
C:\WINDOWS\tasks\PC SpeedUp Service Deactivator.job - C:\Program Files\Zrychleni Pocitace\PCSUSD.exe /dev0 /idle

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\f93g3wdm.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.296 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.15.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\f93g3wdm.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\f93g3wdm.default\searchplugins\
yandex.ru-190052.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{647FD14A-C4F1-46F4-8FC3-0B40F54226F7}]
jZip Webmail plugin - C:\Program Files\jZip\WebmailPlugin.dll [2008-07-02 591296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-01 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-18 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-01 170912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-08-30 15512424]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-01-18 5227112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"Facebook Update"=C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [2013-03-19 138096]
"PCSpeedUp"=C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe [2015-06-29 354760]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-04-17 31280256]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 66560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"DisableStatusMessages"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoSMHelp"=1
"NoResolveTrack"=1
"NoResolveSearch"=1
"NoInstrumentation"=1
"NoStartMenuMFUprogramsList"=1
"NoSMMyPictures"=1
"NoSMConfigurePrograms"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDesktopCleanupWizard"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\AVG\AVG2014\avgmfapx.exe"="C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\Documents and Settings\Administrator\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Administrator\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jabswitch.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\java-rmi.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\java.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\javacpl.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\javaw.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\javaws.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jp2launcher.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kinit.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\klist.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ktab.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\orbd.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pack200.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\policytool.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rmid.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rmiregistry.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\servertool.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ssvagent.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tnameserv.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unpack200.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2015-07-21 14:50:21 ----D---- C:\Program Files\trend micro
2015-07-21 14:50:20 ----D---- C:\rsit
2015-07-21 14:38:44 ----D---- C:\WINDOWS\LastGood
2015-07-05 23:12:33 ----D---- C:\Program Files\Mozilla Firefox
2015-07-03 15:23:32 ----SHD---- C:\found.000

======List of files/folders modified in the last 1 month======

2015-07-21 14:50:21 ----RD---- C:\Program Files
2015-07-21 14:40:04 ----D---- C:\WINDOWS
2015-07-21 14:40:03 ----D---- C:\WINDOWS\Temp
2015-07-21 14:40:03 ----D---- C:\WINDOWS\system32\drivers
2015-07-21 14:39:52 ----D---- C:\WINDOWS\system32
2015-07-21 14:39:19 ----D---- C:\Program Files\Zrychleni Pocitace
2015-07-21 14:36:39 ----D---- C:\WINDOWS\system32\CatRoot2
2015-07-20 14:41:19 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2015-07-20 13:31:13 ----SD---- C:\WINDOWS\Tasks
2015-07-18 19:00:46 ----AC---- C:\WINDOWS\NeroDigital.ini
2015-07-18 16:21:13 ----SHD---- C:\WINDOWS\Installer
2015-07-06 14:56:28 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-01-18 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-01-18 206248]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2015-01-18 55240]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-01-18 787800]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-01-18 423784]
R1 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2015-01-18 57928]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-17 12032]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-01-18 24184]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-01-18 73480]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-08-30 12555680]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2012-07-03 124264]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2009-11-24 1617408]
S3 AMBFilt;AMBFilt; C:\WINDOWS\system32\drivers\AMBFilt.sys [2009-06-26 1656960]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2012-09-21 310504]
S3 MonFilt;MonFilt; C:\WINDOWS\system32\drivers\MonFilt.sys [2008-12-02 1389056]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-01-18 50344]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-08-30 164200]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-08-30 1258856]
R2 PCSUService;PC Speed Up Service; C:\Program Files\Zrychleni Pocitace\PCSUService.exe [2015-06-29 445384]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-09-16 3273088]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-29 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-27 267440]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-29 107912]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-12-17 194032]
S3 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-03-01 170912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-05 148136]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 21 črc 2015 14:06

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Po spusteni probehne stazeni databaze
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Archicz · #3 Příspěvek od **Archicz** » 21 črc 2015 14:17

# AdwCleaner v4.208 - Log vytvořen 21/07/2015 v 15:12:34
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-15.1 [Server]
# Operační system : Microsoft Windows XP Service Pack 3 (x86)
# Uživatelské jméno : Administrator - SLECHTOVI-PC
# Spuštěno z : C:\Documents and Settings\Administrator\Plocha\adwcleaner_4.208.exe
# Nastavení : Čištění

***** [ Služby ] *****

[#] Služba Smazáno : pcsuservice

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Documents and Settings\All Users\Nabídka Start\Programy\jZip
Složka Smazáno : C:\Documents and Settings\All Users\Nabídka Start\Programy\Zrychleni Pocitace
Složka Smazáno : C:\Program Files\jZip
Složka Smazáno : C:\Program Files\Zrychleni Pocitace
Složka Smazáno : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\jZip
Složka Smazáno : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
Složka Smazáno : C:\Documents and Settings\Administrator\Dokumenty\PCSpeedUp
Složka Smazáno : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\f93g3wdm.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Soubor Smazáno : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Chromium\User Data\Default\Local Storage\chrome-extension_nkcpopggjcjkiicpenikeogioednjeac_0.localstorage
Soubor Smazáno : C:\Documents and Settings\Administrator\Data aplikací\HPSU_48BitScanUpdate.log
Soubor Smazáno : C:\Documents and Settings\Administrator\Data aplikací\PatchUpdate_HP_CounterReport_Update_HPSU.log
Soubor Smazáno : C:\Documents and Settings\Administrator\Data aplikací\Update_HP_RedboxHprblog_HPSU.log
Soubor Smazáno : C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\Quick Launch\jZip.lnk
Soubor Smazáno : C:\Documents and Settings\Administrator\Plocha\jZip.lnk

***** [ Naplánované úlohy ] *****

Úloha Smazáno : PC SpeedUp Service Deactivator

***** [ Zástupci ] *****

***** [ Registry ] *****

Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [pcspeedup]
Klíč Smazáno : HKLM\SOFTWARE\Classes\jZip.file
Klíč Smazáno : HKLM\SOFTWARE\Classes\PCSU.Registry
Klíč Smazáno : HKLM\SOFTWARE\Classes\PCSU.SysUtils
Klíč Smazáno : HKLM\SOFTWARE\Classes\PCSU.SysUtils.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\PCSU.Registry.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Klíč Smazáno : HKCU\Software\Speedchecker Limited
Klíč Smazáno : HKLM\SOFTWARE\Driver-Soft
Klíč Smazáno : HKLM\SOFTWARE\jZip
Klíč Smazáno : HKLM\SOFTWARE\Speedchecker Limited
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\jZip
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\jZip
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PCSU-SL_is1

***** [ Prohlížeče ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v39.0 (x86 cs)

-\\ Google Chrome v43.0.2357.134

-\\ Chromium v

-\\ Comodo Dragon v

*************************

AdwCleaner[R0].txt - [4074 bytů] - [21/07/2015 15:08:55]
AdwCleaner[S0].txt - [3965 bytů] - [21/07/2015 15:12:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4023 bytů] ##########

#4 Příspěvek od **vyosek** » 21 črc 2015 14:50

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Archicz · #5 Příspěvek od **Archicz** » 21 črc 2015 17:58

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Administrator on út 21.07.2015 at 15:54:16,78.
Systém Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Administrator\Plocha\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

21.7.2015 15:56:57 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Program Files\GUM9.tmp deleted successfully
C:\Documents and Settings\Administrator\Data aplikací\Media Player Classic deleted successfully
C:\Documents and Settings\Administrator\Data aplikací\WinRAR deleted successfully
C:\Documents and Settings\NetworkService\Data aplikací\QuickScan deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{647FD14A-C4F1-46F4-8FC3-0B40F54226F7} deleted successfully
HKEY_USERS\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{647FD14A-C4F1-46F4-8FC3-0B40F54226F7} deleted successfully
HKEY_USERS\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{647FD14A-C4F1-46F4-8FC3-0B40F54226F7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{647FD14A-C4F1-46F4-8FC3-0B40F54226F7} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Documents and Settings\ADMINI~1\Data aplikací\Mozilla\Firefox\Profiles\f93g3wdm.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz/");

Added to C:\Documents and Settings\ADMINI~1\Data aplikací\Mozilla\Firefox\Profiles\f93g3wdm.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Program Files\GUM9.tmp not found
C:\Program Files\ComPlus Applications deleted
C:\Program Files\WindowsUpdate deleted
C:\Program Files\Driver-Soft deleted
C:\found.000 deleted
C:\WINDOWS\WININIT.INI deleted
"C:\Program Files\movie maker" not deleted
"C:\Program Files\netmeeting" not deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Documents and Settings\ADMINI~1\Data aplikací\Mozilla\Firefox\Profiles\f93g3wdm.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [18.01.2015 20:22]

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\f93g3wdm.default
77B09C2C6F407531447DA75E3ACD1C5B - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
04ACC61B47857E779CD92D1D88770BF1 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
1F352B5944AF5C2204D9EFF7F845C5AF - C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll - Google Update
8E151A2A185DAF9852322028ABE55534 - C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll - Silverlight Plug-In
AFD9010DC500096809C2784551909304 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U15
1B197A0ED28DB310AB67591567C3787A - C:\WINDOWS\system32\npdeployJava1.dll - Java Deployment Toolkit 7.0.150.3
5B4DA1113F240C3F06FFF9D52761528B - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa
0FC325593893749364EC4A733E7D9100 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll - Shockwave Flash
8B93EF56BEF58F2EB6B6D92B57715131 - C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrlui.dll - Microsoft (R) Silverlight
6B47E809D91DF30D028CF4F1B11A6616 - C:\WINDOWS\system32\npptools.dll - Operační systém Microsoft® Windows®

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.134

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[18.01.2015 20:22]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[18.01.2015 20:22]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[16.09.2013 12:31]

Avast SafePrice - Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Avast Online Security - Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Skype Click to Call - Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=071813"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\g]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\y]
@="http://yandex.ru/yandsearch?win=81&clid=1946583&text=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=071813"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... VJ_csCZ530"

==== Reset Google Chrome ======================

C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Chromium\User Data\Default\Preferences was reset successfully
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Nichrome\User Data\Default\Preferences was reset successfully
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Xpom\User Data\Default\Preferences was reset successfully
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Chromium\User Data\Default\Web Data was reset successfully
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Nichrome\User Data\Default\Web Data was reset successfully
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Xpom\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jabswitch.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\java-rmi.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\java.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\javacpl.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\javaw.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\javaws.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jp2launcher.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kinit.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\klist.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ktab.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\orbd.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pack200.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\policytool.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rmid.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rmiregistry.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\servertool.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ssvagent.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tnameserv.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unpack200.exe deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\UpdatusUser\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\f93g3wdm.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=27 folders=10 24910442 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Administrator\Local Settings\Temp will be emptied at reboot
C:\Documents and Settings\Default User\Local Settings\temp emptied successfully
C:\Documents and Settings\LocalService\Local Settings\temp emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\temp emptied successfully
C:\Documents and Settings\UpdatusUser\Local Settings\temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Program Files\movie maker" not deleted
"C:\Program Files\netmeeting" not deleted

==== EOF on út 21.07.2015 at 17:24:05,76 ======================

#6 Příspěvek od **vyosek** » 21 črc 2015 18:04

Poprosim o log z FRST http://forum.viry.cz/viewtopic.php?f=24&t=132509

Archicz · #7 Příspěvek od **Archicz** » 21 črc 2015 18:26

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-07-2015
Ran by Administrator (administrator) on SLECHTOVI-PC on 21-07-2015 19:22:36
Running from C:\Documents and Settings\Administrator\Plocha
Loaded Profiles: UpdatusUser & Administrator (Available Profiles: UpdatusUser & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Facebook Inc.) C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-18] (AVAST Software)
HKLM\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-1001\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-21-602162358-1004336348-1801674531-1001\...\RunOnce: [NeroHomeFirstStart] => C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [16680 2007-06-27] (Nero AG)
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Run: [Facebook Update] => C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [138096 2013-03-19] (Facebook Inc.)
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoSMHelp] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\GPhotos.scr [4558848 2014-01-06] (Google Inc.)
HKU\S-1-5-18\...\Run: [Google Update] => C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [116648 2014-02-08] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-18\...\Policies\Explorer: [NoSMHelp] 1
HKU\S-1-5-18\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> logon.scr
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-01-18] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-602162358-1004336348-1801674531-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=071813
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-602162358-1004336348-1801674531-500 -> yandex.ru-190049 URL = http://yandex.ru/yandsearch?win=81&clid ... earchTerms}
SearchScopes: HKU\S-1-5-21-602162358-1004336348-1801674531-500 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-01] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-18] (AVAST Software)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-01] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-602162358-1004336348-1801674531-500 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2013-10-12] (Společnost Microsoft)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{35BCA4EA-64D6-4A96-B619-27ABBEB6CBFA}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\f93g3wdm.default
FF Homepage: http://www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll [2015-01-27] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.15.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-03-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.15.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-03-01] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-09-03] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @tools.google.com/Google Update;version=3 -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2014-02-08] (Google Inc.)
FF Plugin HKU\.DEFAULT: @tools.google.com/Google Update;version=9 -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2014-02-08] (Google Inc.)
FF Plugin HKU\S-1-5-21-602162358-1004336348-1801674531-500: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-602162358-1004336348-1801674531-500: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll [2014-08-05] (Unity Technologies ApS)
FF SearchPlugin: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\f93g3wdm.default\searchplugins\yandex.ru-190052.xml [2013-07-18]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-07-05]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-07-05]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-18]

Chrome:
=======
CHR Profile: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-21]
CHR Extension: (Google Docs) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-21]
CHR Extension: (Google Drive) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-21]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-21]
CHR Extension: (Google Search) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-21]
CHR Extension: (Avast SafePrice) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-02-26]
CHR Extension: (Google Sheets) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-21]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-19]
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-12-18]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-18]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-21]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-01-18]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-18]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-09-16]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-18] (AVAST Software)
S2 helpsvc; C:\WINDOWS\System32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
S3 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [170912 2013-03-01] (Oracle Corporation)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [69632 2004-09-29] (HP) [File not signed]
R2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3273088 2013-09-16] (Skype Technologies S.A.)
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
S3 CiSvc; %SystemRoot%\system32\cisvc.exe [X]
S3 ClipSrv; %SystemRoot%\system32\clipsrv.exe [X]
S2 ERSvc; %SystemRoot%\System32\ersvc.dll [X]
S2 wscsvc; %SYSTEMROOT%\system32\wscsvc.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AMBFilt; C:\WINDOWS\System32\drivers\AMBFilt.sys [1656960 2009-06-26] (Creative) [File not signed]
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2015-01-18] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [73480 2015-01-18] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2015-01-18] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2015-01-18] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2015-01-18] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2015-01-18] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2015-01-18] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2015-01-18] ()
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [51120 2005-03-08] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2005-03-08] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21744 2005-03-08] (HP)
R3 irsir; C:\WINDOWS\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
S3 MonFilt; C:\WINDOWS\System32\drivers\MonFilt.sys [1389056 2008-12-02] (Creative Technology Ltd.)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [124264 2012-07-03] (NVIDIA Corporation)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2011-05-01] (Microsoft Corporation) [File not signed]
R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [1617408 2009-11-24] (VIA Technologies, Inc.) [File not signed]
S3 catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [X]
S4 IntelIde; No ImagePath
U5 Messenger; C:\WINDOWS\system32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
U4 NetDDE; No ImagePath
U4 NetDDEdsdm; No ImagePath
U3 NtmsSvc; %SystemRoot%\system32\svchost.exe -k netsvcs
U3 TlntSvr; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-21 19:22 - 2015-07-21 19:23 - 00017331 _____ C:\Documents and Settings\Administrator\Plocha\FRST.txt
2015-07-21 19:21 - 2015-07-21 19:22 - 00000000 ____D C:\FRST
2015-07-21 19:19 - 2015-07-21 19:19 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Administrator\Plocha\FRSTLauncher.exe
2015-07-21 19:07 - 2015-07-21 19:08 - 01638912 _____ (Farbar) C:\Documents and Settings\Administrator\Plocha\FRST.exe
2015-07-21 17:23 - 2015-07-21 17:23 - 00000000 ____D C:\Program Files\netmeeting
2015-07-21 17:23 - 2015-07-21 17:23 - 00000000 ____D C:\Program Files\movie maker
2015-07-21 17:18 - 2015-07-21 19:23 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp
2015-07-21 17:18 - 2015-07-21 17:18 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Local Settings\temp
2015-07-21 17:18 - 2015-07-21 17:18 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2015-07-21 17:18 - 2015-07-21 17:18 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2015-07-21 17:18 - 2015-07-21 17:18 - 00000000 ____D C:\Documents and Settings\Default User\Local Settings\temp
2015-07-21 17:18 - 2015-07-21 15:54 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-07-21 15:56 - 2015-07-21 17:24 - 00015673 _____ C:\zoek-results.log
2015-07-21 15:54 - 2015-07-21 17:01 - 00000000 ____D C:\zoek_backup
2015-07-21 15:53 - 2015-07-21 15:53 - 01308672 _____ C:\Documents and Settings\Administrator\Plocha\zoek.exe
2015-07-21 15:08 - 2015-07-21 15:12 - 00000000 ____D C:\AdwCleaner
2015-07-21 15:08 - 2015-07-21 15:08 - 02248704 _____ C:\Documents and Settings\Administrator\Plocha\adwcleaner_4.208.exe
2015-07-21 14:50 - 2015-07-21 14:50 - 00000000 ____D C:\rsit
2015-07-21 14:50 - 2015-07-21 14:50 - 00000000 ____D C:\Program Files\trend micro
2015-07-21 14:49 - 2015-07-21 14:49 - 01107968 _____ C:\Documents and Settings\Administrator\Plocha\RSIT.exe
2015-07-21 14:40 - 2015-07-21 14:40 - 00000034 _____ C:\WINDOWS\setupact.log
2015-07-21 14:40 - 2015-07-21 14:40 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-07-19 08:53 - 2015-07-21 14:45 - 00000000 ____D C:\Documents and Settings\Administrator\Plocha\babička
2015-07-19 08:52 - 2015-07-21 14:40 - 00048507 _____ C:\WINDOWS\setupapi.log
2015-07-18 21:55 - 2015-07-21 17:22 - 00002523 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-18 16:21 - 2015-07-18 16:21 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0c164fa269b84.job
2015-07-05 23:12 - 2015-07-06 14:56 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-21 19:22 - 2012-02-10 13:36 - 00000000 ____D C:\Documents and Settings\Administrator\Plocha
2015-07-21 19:21 - 2012-02-10 15:03 - 00000000 ____D C:\Documents and Settings\Administrator\Dokumenty\Stažené soubory
2015-07-21 19:11 - 2012-02-18 19:36 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Temp
2015-07-21 17:25 - 2015-01-18 20:22 - 00000378 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-07-21 17:24 - 2012-02-10 14:28 - 00000159 ____C C:\WINDOWS\wiadebug.log
2015-07-21 17:24 - 2012-02-10 14:28 - 00000049 ____C C:\WINDOWS\wiaservc.log
2015-07-21 17:22 - 2012-02-10 13:36 - 00000178 __SHC C:\Documents and Settings\Administrator\ntuser.ini
2015-07-21 17:22 - 2012-02-10 13:36 - 00000000 ____D C:\Documents and Settings\Administrator
2015-07-21 16:03 - 2012-02-10 13:36 - 00000000 __RHD C:\Documents and Settings\Administrator\Data aplikací
2015-07-21 16:03 - 2012-02-10 13:36 - 00000000 ____D C:\Documents and Settings\NetworkService\Data aplikací
2015-07-21 15:54 - 2012-02-10 13:34 - 00000000 ____D C:\WINDOWS\system32\Restore
2015-07-21 15:12 - 2012-12-15 20:56 - 00000178 __SHC C:\Documents and Settings\UpdatusUser\ntuser.ini
2015-07-21 15:12 - 2012-02-10 14:25 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-07-21 15:12 - 2012-02-10 13:36 - 00000178 __SHC C:\Documents and Settings\LocalService\ntuser.ini
2015-07-21 15:12 - 2012-02-10 13:36 - 00000000 ___RD C:\Documents and Settings\Administrator\Dokumenty
2015-07-21 15:12 - 2012-02-10 13:36 - 00000000 ___HD C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2015-07-21 14:34 - 2001-07-21 22:17 - 00002206 ____C C:\WINDOWS\system32\wpa.dbl
2015-07-20 14:41 - 2014-03-16 11:31 - 00002283 _____ C:\Documents and Settings\All Users\Plocha\Skype.lnk
2015-07-20 14:41 - 2012-10-04 17:32 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\Skype
2015-07-20 13:30 - 2014-10-04 20:09 - 05088032 _____ (Optimal Software s.r.o. ) C:\Documents and Settings\Administrator\Dokumenty\PCSpeedUp-Silent-Update.exe
2015-07-19 08:54 - 2012-02-10 13:36 - 00000000 ___RD C:\Documents and Settings\Administrator\Dokumenty\Obrázky
2015-07-18 19:00 - 2012-07-08 18:28 - 00000069 ____C C:\WINDOWS\NeroDigital.ini
2015-07-18 16:21 - 2015-05-20 16:16 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d09307a0e0a378.job
2015-07-14 21:00 - 2013-12-18 18:53 - 00001813 ____C C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2015-07-06 14:56 - 2012-05-08 09:53 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of log ============================

#8 Příspěvek od **vyosek** » 21 črc 2015 20:29

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-1001\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-21-602162358-1004336348-1801674531-1001\...\RunOnce: [NeroHomeFirstStart] => C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [16680 2007-06-27] (Nero AG)
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Run: [Facebook Update] => C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [138096 2013-03-19] (Facebook Inc.)
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoSMHelp] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\S-1-5-18\...\Run: [Google Update] => C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [116648 2014-02-08] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-18\...\Policies\Explorer: [NoSMHelp] 1
HKU\S-1-5-18\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> logon.scr

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-602162358-1004336348-1801674531-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=071813
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-602162358-1004336348-1801674531-500 -> yandex.ru-190049 URL = http://yandex.ru/yandsearch?win=81&clid=1946580&text={searchTerms}
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FF SearchPlugin: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\f93g3wdm.default\searchplugins\yandex.ru-190052.xml [2013-07-18]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-07-05]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-07-05]

CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-12-18]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-09-16]

R2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3273088 2013-09-16] (Skype Technologies S.A.)
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
S3 CiSvc; %SystemRoot%\system32\cisvc.exe [X]
S3 ClipSrv; %SystemRoot%\system32\clipsrv.exe [X]
S2 ERSvc; %SystemRoot%\System32\ersvc.dll [X]
S2 wscsvc; %SYSTEMROOT%\system32\wscsvc.dll [X]
S3 catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [X]
S4 IntelIde; No ImagePath
U5 Messenger; C:\WINDOWS\system32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
U4 NetDDE; No ImagePath
U4 NetDDEdsdm; No ImagePath
U3 NtmsSvc; %SystemRoot%\system32\svchost.exe -k netsvcs
U3 TlntSvr; No ImagePath

c:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars
2015-07-21 19:22 - 2015-07-21 19:23 - 00017331 _____ C:\Documents and Settings\Administrator\Plocha\FRST.txt
2015-07-21 19:19 - 2015-07-21 19:19 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Administrator\Plocha\FRSTLauncher.exe
2015-07-21 17:18 - 2015-07-21 15:54 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-07-21 15:56 - 2015-07-21 17:24 - 00015673 _____ C:\zoek-results.log
2015-07-21 15:54 - 2015-07-21 17:01 - 00000000 ____D C:\zoek_backup
2015-07-21 15:53 - 2015-07-21 15:53 - 01308672 _____ C:\Documents and Settings\Administrator\Plocha\zoek.exe
2015-07-21 15:08 - 2015-07-21 15:12 - 00000000 ____D C:\AdwCleaner
2015-07-21 15:08 - 2015-07-21 15:08 - 02248704 _____ C:\Documents and Settings\Administrator\Plocha\adwcleaner_4.208.exe
2015-07-21 14:50 - 2015-07-21 14:50 - 00000000 ____D C:\rsit
2015-07-21 14:50 - 2015-07-21 14:50 - 00000000 ____D C:\Program Files\trend micro
2015-07-21 14:49 - 2015-07-21 14:49 - 01107968 _____ C:\Documents and Settings\Administrator\Plocha\RSIT.exe
2015-07-21 14:40 - 2015-07-21 14:40 - 00000034 _____ C:\WINDOWS\setupact.log
2015-07-21 14:40 - 2015-07-21 14:40 - 00000000 _____ C:\WINDOWS\setuperr.log

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-602162358-1004336348-1801674531-500Core.job => C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-602162358-1004336348-1801674531-500UA.job => C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf9114a955f9f0.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cff35adc857a18.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d000e745906722.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d042f49adb2150.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d09307a0e0a378.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0c164fa269b84.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job => C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => C:\Program Files\Microsoft Security Client\MpCmdRun.exe

Hosts:
EmptyTemp:
Reboot:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Archicz · #9 Příspěvek od **Archicz** » 22 črc 2015 14:07

Zdravím a posílám log:

Fix result of Farbar Recovery Scan Tool (x86) Version: 20-07-2015
Ran by Administrator at 2015-07-22 14:40:21 Run:1
Running from C:\Documents and Settings\Administrator\Plocha
Loaded Profiles: UpdatusUser & Administrator (Available Profiles: UpdatusUser & Administrator)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-1001\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-21-602162358-1004336348-1801674531-1001\...\RunOnce: [NeroHomeFirstStart] => C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [16680 2007-06-27] (Nero AG)
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Run: [Facebook Update] => C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [138096 2013-03-19] (Facebook Inc.)
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoSMHelp] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\S-1-5-21-602162358-1004336348-1801674531-500\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\S-1-5-18\...\Run: [Google Update] => C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [116648 2014-02-08] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-18\...\Policies\Explorer: [NoSMHelp] 1
HKU\S-1-5-18\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> logon.scr

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-602162358-1004336348-1801674531-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=071813
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-602162358-1004336348-1801674531-500 -> yandex.ru-190049 URL = http://yandex.ru/yandsearch?win=81&clid ... earchTerms}
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FF SearchPlugin: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\f93g3wdm.default\searchplugins\yandex.ru-190052.xml [2013-07-18]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-07-05]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-07-05]

CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-12-18]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-09-16]

R2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3273088 2013-09-16] (Skype Technologies S.A.)
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
S3 CiSvc; %SystemRoot%\system32\cisvc.exe [X]
S3 ClipSrv; %SystemRoot%\system32\clipsrv.exe [X]
S2 ERSvc; %SystemRoot%\System32\ersvc.dll [X]
S2 wscsvc; %SYSTEMROOT%\system32\wscsvc.dll [X]
S3 catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [X]
S4 IntelIde; No ImagePath
U5 Messenger; C:\WINDOWS\system32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
U4 NetDDE; No ImagePath
U4 NetDDEdsdm; No ImagePath
U3 NtmsSvc; %SystemRoot%\system32\svchost.exe -k netsvcs
U3 TlntSvr; No ImagePath

c:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars
2015-07-21 19:22 - 2015-07-21 19:23 - 00017331 _____ C:\Documents and Settings\Administrator\Plocha\FRST.txt
2015-07-21 19:19 - 2015-07-21 19:19 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Administrator\Plocha\FRSTLauncher.exe
2015-07-21 17:18 - 2015-07-21 15:54 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-07-21 15:56 - 2015-07-21 17:24 - 00015673 _____ C:\zoek-results.log
2015-07-21 15:54 - 2015-07-21 17:01 - 00000000 ____D C:\zoek_backup
2015-07-21 15:53 - 2015-07-21 15:53 - 01308672 _____ C:\Documents and Settings\Administrator\Plocha\zoek.exe
2015-07-21 15:08 - 2015-07-21 15:12 - 00000000 ____D C:\AdwCleaner
2015-07-21 15:08 - 2015-07-21 15:08 - 02248704 _____ C:\Documents and Settings\Administrator\Plocha\adwcleaner_4.208.exe
2015-07-21 14:50 - 2015-07-21 14:50 - 00000000 ____D C:\rsit
2015-07-21 14:50 - 2015-07-21 14:50 - 00000000 ____D C:\Program Files\trend micro
2015-07-21 14:49 - 2015-07-21 14:49 - 01107968 _____ C:\Documents and Settings\Administrator\Plocha\RSIT.exe
2015-07-21 14:40 - 2015-07-21 14:40 - 00000034 _____ C:\WINDOWS\setupact.log
2015-07-21 14:40 - 2015-07-21 14:40 - 00000000 _____ C:\WINDOWS\setuperr.log

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-602162358-1004336348-1801674531-500Core.job => C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-602162358-1004336348-1801674531-500UA.job => C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf9114a955f9f0.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cff35adc857a18.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d000e745906722.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d042f49adb2150.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d09307a0e0a378.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0c164fa269b84.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job => C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => C:\Program Files\Microsoft Security Client\MpCmdRun.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDesktopCleanupWizard => value removed successfully.
HKU\S-1-5-21-602162358-1004336348-1801674531-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_3 => value not found.
HKU\S-1-5-21-602162358-1004336348-1801674531-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\NeroHomeFirstStart => value not found.
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => value removed successfully.
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => value removed successfully.
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully.
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSMHelp => value removed successfully.
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\LinkResolveIgnoreLinkInfo => value removed successfully.
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value removed successfully.
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => value removed successfully.
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInstrumentation => value removed successfully.
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoStartMenuMFUprogramsList => value removed successfully.
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRecentDocsMenu => value removed successfully.
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRecentDocsHistory => value removed successfully.
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSMMyPictures => value removed successfully.
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSMConfigurePrograms => value removed successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value removed successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_3 => value removed successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSMHelp => value removed successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ForceClassicControlPanel => value removed successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\LinkResolveIgnoreLinkInfo => value removed successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value removed successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => value removed successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInstrumentation => value removed successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoStartMenuMFUprogramsList => value removed successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRecentDocsMenu => value removed successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRecentDocsHistory => value removed successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSMMyPictures => value removed successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSMConfigurePrograms => value removed successfully.
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE => value restored successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-602162358-1004336348-1801674531-500\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value removed successfully.
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-602162358-1004336348-1801674531-500\Software\Microsoft\Internet Explorer\Main\\First Home Page => value removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\S-1-5-21-602162358-1004336348-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\yandex.ru-190049" => key removed successfully.
HKCR\CLSID\yandex.ru-190049 => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully.
"HKCR\PROTOCOLS\Handler\skype-ie-addon-data" => key removed successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully.
"HKCR\PROTOCOLS\Handler\skype4com" => key removed successfully.
"HKCR\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}" => key removed successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\f93g3wdm.default\searchplugins\yandex.ru-190052.xml => moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => moved successfully.
C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully.
C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => moved successfully.
Skype C2C Service => Service removed successfully.
aspnet_state => Service removed successfully.
CiSvc => Service removed successfully.
ClipSrv => Service removed successfully.
ERSvc => Service removed successfully.
wscsvc => Service removed successfully.
catchme => Service removed successfully.
IntelIde => Service removed successfully.
Messenger => Service removed successfully.
NetDDE => Service removed successfully.
NetDDEdsdm => Service removed successfully.
NtmsSvc => Service removed successfully.
TlntSvr => Service removed successfully.
c:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars => moved successfully.
C:\Documents and Settings\Administrator\Plocha\FRST.txt => moved successfully.
C:\Documents and Settings\Administrator\Plocha\FRSTLauncher.exe => moved successfully.
C:\WINDOWS\zoek-delete.exe => moved successfully.
C:\zoek-results.log => moved successfully.
C:\zoek_backup => moved successfully.
C:\Documents and Settings\Administrator\Plocha\zoek.exe => moved successfully.
C:\AdwCleaner => moved successfully.
C:\Documents and Settings\Administrator\Plocha\adwcleaner_4.208.exe => moved successfully.
C:\rsit => moved successfully.
C:\Program Files\trend micro => moved successfully.
C:\Documents and Settings\Administrator\Plocha\RSIT.exe => moved successfully.
C:\WINDOWS\setupact.log => moved successfully.
C:\WINDOWS\setuperr.log => moved successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully.
C:\WINDOWS\Tasks\avast! Emergency Update.job => moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-602162358-1004336348-1801674531-500Core.job => moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-602162358-1004336348-1801674531-500UA.job => moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf9114a955f9f0.job => moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cff35adc857a18.job => moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d000e745906722.job => moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d042f49adb2150.job => moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d09307a0e0a378.job => moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0c164fa269b84.job => moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job => moved successfully.
C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => moved successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 698.5 MB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 14:44:07 ====

#10 Příspěvek od **vyosek** » 23 črc 2015 08:25

Jak se chova PC???

Archicz · #11 Příspěvek od **Archicz** » 23 črc 2015 13:39

Dobrý den přeji, PC už se na své stáří chová celkem standardně. Videa z youtube jdou zase přehrávat relativně plynule.

#12 Příspěvek od **vyosek** » 23 črc 2015 13:56

Tak jeste uklidime

DelFix https://toolslib.net/downloads/finish/2/

Stahnete a spustte
Ponechte zatrzitkou pouze u volby Remove disinfection tools
Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Archicz · #13 Příspěvek od **Archicz** » 23 črc 2015 15:49

Uklizeno děkuji za rady a za pomoc.

#14 Příspěvek od **vyosek** » 23 črc 2015 16:01

Nemate zac, rad jsem pomohl

A na zaklade Pravidla o zamykani temat

VIRY.CZ

Zpomalený prohlížeč Firefox

Zpomalený prohlížeč Firefox

Re: Zpomalený prohlížeč Firefox

Re: Zpomalený prohlížeč Firefox

Re: Zpomalený prohlížeč Firefox

Re: Zpomalený prohlížeč Firefox

Re: Zpomalený prohlížeč Firefox

Re: Zpomalený prohlížeč Firefox

Re: Zpomalený prohlížeč Firefox

Re: Zpomalený prohlížeč Firefox

Re: Zpomalený prohlížeč Firefox

Re: Zpomalený prohlížeč Firefox

Re: Zpomalený prohlížeč Firefox

Re: Zpomalený prohlížeč Firefox

Re: Zpomalený prohlížeč Firefox