prosim o kontrolu logu

[Feringo]

Ten Zoek po dokonceni ma restartovat pc sam alebo to mam vypnut a restartovat ja? Pretoze posledny riadok v tom okne Zoek je "Create Backups 10:11:25,04", co uz je 30 minut odvtedy a nevsimol som si, ze ci to este dalej pracuje, tak sa radej spytam, ze ci to moze trvat aj tolko alebo to mam vypnut?

[Feringo]

Tak nic sa nemenilo, tak som nakoniec restartoval pc sam, po restarte otvoril Zoek a bola tam moznost C:\zoek-result.log. Tak kopirujem tento log.


Zoek.exe v5.0.0.0 Updated 10-September-2014
Tool run by Monika on pi 12.09.2014 at 10:01:49,54.
Systém Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Monika\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12.9.2014 10:03:02 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478} deleted successfully
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478} deleted successfully
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478} deleted successfully
HKEY_USERS\S-1-5-21-1229272821-1500820517-839522115-1003\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{32683183-48a0-441b-a342-7c2a440a9478} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Program Files\ComPlus Applications deleted

[vyosek]

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

[Feringo]

Nech sa paci, log z FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-09-2014
Ran by Monika (administrator) on HOME-NB on 12-09-2014 21:44:18
Running from C:\Documents and Settings\Monika\Desktop
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Angličtina (USA)
Internet Explorer Version 6
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
() C:\WINDOWS\ATK0100\HControl.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
(ATK) C:\Program Files\Asus\Splendid\ACMON.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ASUSTeK) C:\WINDOWS\system32\ACEngSvr.exe
() C:\WINDOWS\ATK0100\ATKOSD.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\WINDOWS\system32\acovcnt.exe
(forum.viry.cz) C:\Documents and Settings\Monika\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HControl] => C:\WINDOWS\ATK0100\HControl.exe [110592 2006-08-23] ()
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\System32\hkcmd.exe [77824 2006-02-07] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\System32\igfxpers.exe [118784 2006-02-07] (Intel Corporation)
HKLM\...\Run: [SigmatelSysTrayApp] => stsystra.exe
HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [573440 2006-08-07] (Motorola Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [786521 2006-05-25] (Synaptics, Inc.)
HKLM\...\Run: [Wireless Console 2] => C:\Program Files\Wireless Console 2\wcourier.exe [987136 2005-10-17] ()
HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [802816 2006-08-02] (Intel Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [696320 2006-08-02] (Intel Corporation)
HKLM\...\Run: [ACMON] => C:\Program Files\ASUS\Splendid\ACMON.exe [811008 2006-05-30] (ATK)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5110672 2013-09-12] (ESET)
HKLM\...99B7938DA9E4}\LocalServer32: [Default-wmiprvse] <==== ATTENTION!
HKU\S-1-5-21-1229272821-1500820517-839522115-1003\...\MountPoints2: {bf8c7386-7a23-11e3-97c8-001a92c70923} - E:\urDrive.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: 192.168.1.2:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... R}&ar=home
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-01-09]

Chrome:
=======
CHR HomePage: Default ->
CHR CustomProfile: C:\Documents and Settings\Monika\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Peňaženka Google) - C:\Documents and Settings\Monika\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-12]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1337752 2013-09-12] (ESET)
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [434176 2006-08-02] (Intel Corporation) [File not signed]
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [327680 2006-08-02] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [937984 2006-08-02] (Intel Corporation ) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21419 2014-01-09] (Meetinghouse Data Communications) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [184664 2013-09-17] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET)
R2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [174400 2013-09-17] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [38952 2013-09-17] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [61600 2013-09-17] (ESET)
S3 M3AD; C:\WINDOWS\System32\drivers\m3aux.sys [136832 2006-08-10] (Motorola Inc)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ATKACPI.sys [5632 2005-02-17] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NETw3x32; C:\WINDOWS\System32\DRIVERS\NETw3x32.sys [1709696 2006-09-27] (Intel® Corporation)
R3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [70144 2005-02-16] (Realtek Semiconductor Corporation )
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12544 2006-08-02] (Intel Corporation) [File not signed]
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1164600 2006-04-27] (SigmaTel, Inc.)
R3 SynMini; C:\WINDOWS\System32\Drivers\SynMini.sys [1116544 2006-08-09] ()
R3 SynScan; C:\WINDOWS\System32\Drivers\SynScan.sys [7808 2006-08-09] ()
S3 toshidpt; C:\WINDOWS\System32\drivers\Toshidpt.sys [3712 2005-07-11] (TOSHIBA Corporation.) [File not signed]
R3 tosporte; C:\WINDOWS\System32\DRIVERS\tosporte.sys [47488 2006-04-19] (TOSHIBA Corporation) [File not signed]
S3 Tosrfbd; C:\WINDOWS\System32\Drivers\tosrfbd.sys [110976 2006-05-18] (TOSHIBA CORPORATION) [File not signed]
S3 Tosrfbnp; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [37632 2006-03-16] (TOSHIBA Corporation) [File not signed]
R1 Tosrfcom; C:\WINDOWS\System32\Drivers\tosrfcom.sys [64896 2005-08-01] (TOSHIBA Corporation) [File not signed]
S3 Tosrfhid; C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys [62848 2006-05-09] (TOSHIBA Corporation.) [File not signed]
S3 tosrfnds; C:\WINDOWS\System32\DRIVERS\tosrfnds.sys [18612 2005-01-06] (TOSHIBA Corporation.) [File not signed]
S3 TosRfSnd; C:\WINDOWS\System32\drivers\TosRfSnd.sys [52864 2006-03-15] (TOSHIBA Corporation) [File not signed]
S3 Tosrfusb; C:\WINDOWS\System32\Drivers\tosrfusb.sys [40192 2006-05-09] (TOSHIBA CORPORATION) [File not signed]
S4 IntelIde; No ImagePath
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-12 21:44 - 2014-09-12 21:44 - 00010604 _____ () C:\Documents and Settings\Monika\Desktop\FRST.txt
2014-09-12 10:10 - 2014-09-12 10:10 - 00000021 _____ () C:\folders.log
2014-09-12 10:02 - 2014-09-12 10:11 - 00002239 _____ () C:\zoek-results.log
2014-09-12 10:01 - 2014-09-12 10:11 - 00000000 ____D () C:\zoek_backup
2014-09-12 09:58 - 2014-09-12 09:58 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-09-12 09:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
2014-09-12 09:54 - 2014-09-12 09:56 - 00000000 ____D () C:\AdwCleaner
2014-09-12 09:52 - 2014-09-12 09:52 - 01370467 _____ () C:\Documents and Settings\Monika\Desktop\adwcleaner_3.309.exe
2014-09-12 09:52 - 2014-09-12 09:52 - 01290240 _____ () C:\Documents and Settings\Monika\Desktop\zoek.exe
2014-09-12 09:46 - 2014-09-12 21:41 - 00045056 _____ () C:\WINDOWS\system32\acovcnt.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-12 21:44 - 2014-09-12 21:44 - 00010604 _____ () C:\Documents and Settings\Monika\Desktop\FRST.txt
2014-09-12 21:44 - 2014-01-09 19:43 - 00000000 ____D () C:\Documents and Settings\Monika\Local Settings\Temp
2014-09-12 21:44 - 2007-02-21 05:49 - 00000000 ____D () C:\FRST
2014-09-12 21:41 - 2014-09-12 09:46 - 00045056 _____ () C:\WINDOWS\system32\acovcnt.exe
2014-09-12 14:57 - 2014-01-09 21:10 - 01271334 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-12 14:29 - 2014-01-09 21:34 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-12 13:56 - 2014-01-09 21:34 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-12 13:56 - 2014-01-09 20:29 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-09-12 13:56 - 2014-01-09 20:29 - 00000051 _____ () C:\WINDOWS\wiaservc.log
2014-09-12 13:56 - 2014-01-09 19:39 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-12 13:56 - 2002-08-29 14:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-09-12 13:55 - 2014-01-09 19:43 - 00000178 ___SH () C:\Documents and Settings\Monika\ntuser.ini
2014-09-12 13:55 - 2014-01-09 19:42 - 00032562 _____ () C:\WINDOWS\SchedLgU.Txt
2014-09-12 10:11 - 2014-09-12 10:02 - 00002239 _____ () C:\zoek-results.log
2014-09-12 10:11 - 2014-09-12 10:01 - 00000000 ____D () C:\zoek_backup
2014-09-12 10:10 - 2014-09-12 10:10 - 00000021 _____ () C:\folders.log
2014-09-12 09:58 - 2014-09-12 09:58 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-09-12 09:56 - 2014-09-12 09:54 - 00000000 ____D () C:\AdwCleaner
2014-09-12 09:52 - 2014-09-12 09:52 - 01370467 _____ () C:\Documents and Settings\Monika\Desktop\adwcleaner_3.309.exe
2014-09-12 09:52 - 2014-09-12 09:52 - 01290240 _____ () C:\Documents and Settings\Monika\Desktop\zoek.exe
2014-09-12 09:48 - 2014-01-09 20:27 - 00360124 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

Some content of TEMP:
====================
C:\Documents and Settings\Monika\Local Settings\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:111.78 GB) (Free:68.98 GB) NTFS ==>[Drive with boot components (Windows XP)]

Available physical RAM: 2169.8 MB
Total physical RAM: 2935.23 MB
Percentage of memory in use: 26%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows XP) (Size: 111.8 GB) (Disk ID: A8D32665)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Smart Security 7.0 (Disabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall (Disabled) {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Monika\Desktop" je 26001 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS
"C:\Program Files\Messenger\msmsgs.exe" /background [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk
C:\PROGRA~1\Toshiba\BLUETO~1\TOSBTM~1.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"C:\\Program Files\\Opera\\opera.exe"="C:\\Program Files\\Opera\\opera.exe:*:Enabled:Opera Internet Browser"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

[vyosek]

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  
  HKLM\...99B7938DA9E4}\LocalServer32: [Default-wmiprvse] <==== ATTENTION!
  HKU\S-1-5-21-1229272821-1500820517-839522115-1003\...\MountPoints2: {bf8c7386-7a23-11e3-97c8-001a92c70923} - E:\urDrive.exe
  
  2014-09-12 10:10 - 2014-09-12 10:10 - 00000021 _____ () C:\folders.log
  2014-09-12 10:02 - 2014-09-12 10:11 - 00002239 _____ () C:\zoek-results.log
  2014-09-12 10:01 - 2014-09-12 10:11 - 00000000 ____D () C:\zoek_backup
  2014-09-12 09:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
  2014-09-12 09:54 - 2014-09-12 09:56 - 00000000 ____D () C:\AdwCleaner
  2014-09-12 09:52 - 2014-09-12 09:52 - 01370467 _____ () C:\Documents and Settings\Monika\Desktop\adwcleaner_3.309.exe
  2014-09-12 09:52 - 2014-09-12 09:52 - 01290240 _____ () C:\Documents and Settings\Monika\Desktop\zoek.exe
  
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
  
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS" /f
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[Feringo]

Pripajam fixlog

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-09-2014
Ran by Monika at 2014-09-12 21:58:00 Run:1
Running from C:\Documents and Settings\Monika\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM\...99B7938DA9E4}\LocalServer32: [Default-wmiprvse] <==== ATTENTION!
HKU\S-1-5-21-1229272821-1500820517-839522115-1003\...\MountPoints2: {bf8c7386-7a23-11e3-97c8-001a92c70923} - E:\urDrive.exe

2014-09-12 10:10 - 2014-09-12 10:10 - 00000021 _____ () C:\folders.log
2014-09-12 10:02 - 2014-09-12 10:11 - 00002239 _____ () C:\zoek-results.log
2014-09-12 10:01 - 2014-09-12 10:11 - 00000000 ____D () C:\zoek_backup
2014-09-12 09:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
2014-09-12 09:54 - 2014-09-12 09:56 - 00000000 ____D () C:\AdwCleaner
2014-09-12 09:52 - 2014-09-12 09:52 - 01370467 _____ () C:\Documents and Settings\Monika\Desktop\adwcleaner_3.309.exe
2014-09-12 09:52 - 2014-09-12 09:52 - 01290240 _____ () C:\Documents and Settings\Monika\Desktop\zoek.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS" /f

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32\\Default => Value was restored successfully.
"HKU\S-1-5-21-1229272821-1500820517-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bf8c7386-7a23-11e3-97c8-001a92c70923}" => Key deleted successfully.
"HKCR\CLSID\{bf8c7386-7a23-11e3-97c8-001a92c70923}" => Key not found.
C:\folders.log => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\WINDOWS\system32\sqlite3.dll => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Documents and Settings\Monika\Desktop\adwcleaner_3.309.exe => Moved successfully.
C:\Documents and Settings\Monika\Desktop\zoek.exe => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========


Operácie skončila úspešne.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS" /f =========


Operácie skončila úspešne.


========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 173.5 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

[vyosek]

Jak se chova PC

[Feringo]

PC vyzera byt v poriadku.

[vyosek]

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

[Feringo]

PC som prebehol tymto poslednym cistenim a vyzera byt vsetko v poriadku. Rad by som sa podakoval za ochotu, pomoc a cas, ktory ste mi venovali.

[vyosek]

Nemate zac, rad jsem pomohl Zase nekdy

A na zaklade Pravidla o zamykani temat