- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = SearchScopes: HKU\S-1-5-21-1243976712-1797555765-2480249262-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 2018-03-04 10:05 - 2017-12-02 11:21 - 000000000 ____D C:\Users\Josef\AppData\Roaming\Seznam.cz 2018-03-04 10:05 - 2017-12-02 11:21 - 000000000 ____D C:\Program Files (x86)\Seznam.cz ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0] AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0] HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" C:\ProgramData\NERO\NERO TUNEITUP C:\Users\All Users\NERO\NERO TUNEITUP DeleteKey: HKU\S-1-5-21-1243976712-1797555765-2480249262-1001\Software\Burn4Free DeleteKey: HKCU\Software\Burn4Free DeleteKey: HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474} DeleteKey: HKU\S-1-5-21-1243976712-1797555765-2480249262-1001\Software\csastats DeleteKey: HKCU\Software\csastats DeleteKey: HKU\S-1-5-21-1243976712-1797555765-2480249262-1001\Software\PRODUCTSETUP DeleteKey: HKCU\Software\PRODUCTSETUP Hosts: EmptyTemp: End
- Uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
pomalý prohlížeč
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: pomalý prohlížeč
Otvor poznamkovy blok (Win+R -> notepad -> enter)
Naposledy upravil(a) Conder dne 18 bře 2018 20:20, celkem upraveno 2 x.
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: pomalý prohlížeč
Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Josef (18-03-2018 20:06:48) Run:2
Running from C:\Users\Josef\Desktop
Loaded Profiles: Josef (Available Profiles: Josef)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-1243976712-1797555765-2480249262-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2018-03-04 10:05 - 2017-12-02 11:21 - 000000000 ____D C:\Users\Josef\AppData\Roaming\Seznam.cz
2018-03-04 10:05 - 2017-12-02 11:21 - 000000000 ____D C:\Program Files (x86)\Seznam.cz
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
C:\ProgramData\NERO\NERO TUNEITUP
C:\Users\All Users\NERO\NERO TUNEITUP
DeleteKey: HKU\S-1-5-21-1243976712-1797555765-2480249262-1001\Software\Burn4Free
DeleteKey: HKCU\Software\Burn4Free
DeleteKey: HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
DeleteKey: HKU\S-1-5-21-1243976712-1797555765-2480249262-1001\Software\csastats
DeleteKey: HKCU\Software\csastats
DeleteKey: HKU\S-1-5-21-1243976712-1797555765-2480249262-1001\Software\PRODUCTSETUP
DeleteKey: HKCU\Software\PRODUCTSETUP
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
"HKU\S-1-5-21-1243976712-1797555765-2480249262-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
C:\Users\Josef\AppData\Roaming\Seznam.cz => moved successfully
C:\Program Files (x86)\Seznam.cz => moved successfully
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\Wondershare Helper Compact.exe" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe" => not found
C:\ProgramData\NERO\NERO TUNEITUP => moved successfully
"C:\Users\All Users\NERO\NERO TUNEITUP" => not found
"HKU\S-1-5-21-1243976712-1797555765-2480249262-1001\Software\Burn4Free" => removed successfully
HKCU\Software\Burn4Free => not found
HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474} => not found
"HKU\S-1-5-21-1243976712-1797555765-2480249262-1001\Software\csastats" => removed successfully
HKCU\Software\csastats => not found
"HKU\S-1-5-21-1243976712-1797555765-2480249262-1001\Software\PRODUCTSETUP" => removed successfully
HKCU\Software\PRODUCTSETUP => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 106897237 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 513528 B
Edge => 95232 B
Chrome => 389991377 B
Firefox => 16341129 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3266 B
NetworkService => 49152 B
Josef => 10898228 B
RecycleBin => 8288925 B
EmptyTemp: => 517.2 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:08:38 ====
Ran by Josef (18-03-2018 20:06:48) Run:2
Running from C:\Users\Josef\Desktop
Loaded Profiles: Josef (Available Profiles: Josef)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-1243976712-1797555765-2480249262-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2018-03-04 10:05 - 2017-12-02 11:21 - 000000000 ____D C:\Users\Josef\AppData\Roaming\Seznam.cz
2018-03-04 10:05 - 2017-12-02 11:21 - 000000000 ____D C:\Program Files (x86)\Seznam.cz
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
C:\ProgramData\NERO\NERO TUNEITUP
C:\Users\All Users\NERO\NERO TUNEITUP
DeleteKey: HKU\S-1-5-21-1243976712-1797555765-2480249262-1001\Software\Burn4Free
DeleteKey: HKCU\Software\Burn4Free
DeleteKey: HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
DeleteKey: HKU\S-1-5-21-1243976712-1797555765-2480249262-1001\Software\csastats
DeleteKey: HKCU\Software\csastats
DeleteKey: HKU\S-1-5-21-1243976712-1797555765-2480249262-1001\Software\PRODUCTSETUP
DeleteKey: HKCU\Software\PRODUCTSETUP
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
"HKU\S-1-5-21-1243976712-1797555765-2480249262-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
C:\Users\Josef\AppData\Roaming\Seznam.cz => moved successfully
C:\Program Files (x86)\Seznam.cz => moved successfully
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\Wondershare Helper Compact.exe" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe" => not found
C:\ProgramData\NERO\NERO TUNEITUP => moved successfully
"C:\Users\All Users\NERO\NERO TUNEITUP" => not found
"HKU\S-1-5-21-1243976712-1797555765-2480249262-1001\Software\Burn4Free" => removed successfully
HKCU\Software\Burn4Free => not found
HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474} => not found
"HKU\S-1-5-21-1243976712-1797555765-2480249262-1001\Software\csastats" => removed successfully
HKCU\Software\csastats => not found
"HKU\S-1-5-21-1243976712-1797555765-2480249262-1001\Software\PRODUCTSETUP" => removed successfully
HKCU\Software\PRODUCTSETUP => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 106897237 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 513528 B
Edge => 95232 B
Chrome => 389991377 B
Firefox => 16341129 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3266 B
NetworkService => 49152 B
Josef => 10898228 B
RecycleBin => 8288925 B
EmptyTemp: => 517.2 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:08:38 ====
Re: pomalý prohlížeč
Spusti este tento fixlist:
Otvor poznamkovy blok (Win+R -> notepad -> enter)
Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start CloseProcesses: Folder: C:\Users\Josef\AppData\Roaming\Macromedia File: C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe VirusTotal: C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe File: C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE Task: {B87308E6-9001-41BE-A5D7-F55683A08569} - System32\Tasks\Macromedia\ErrorCheck => C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com EmptyTemp: End
- Uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: pomalý prohlížeč
Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Josef (18-03-2018 20:52:04) Run:4
Running from C:\Users\Josef\Desktop
Loaded Profiles: Josef (Available Profiles: Josef)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
Folder: C:\Users\Josef\AppData\Roaming\Macromedia
File: C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe
VirusTotal: C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe
File: C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE
Task: {B87308E6-9001-41BE-A5D7-F55683A08569} - System32\Tasks\Macromedia\ErrorCheck => C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe
C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com
EmptyTemp:
End
*****************
Ran by Josef (18-03-2018 20:52:04) Run:4
Running from C:\Users\Josef\Desktop
Loaded Profiles: Josef (Available Profiles: Josef)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
Folder: C:\Users\Josef\AppData\Roaming\Macromedia
File: C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe
VirusTotal: C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe
File: C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE
Task: {B87308E6-9001-41BE-A5D7-F55683A08569} - System32\Tasks\Macromedia\ErrorCheck => C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe
C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com
EmptyTemp:
End
*****************
Re: pomalý prohlížeč
Fixlog nie je cely. Skus spustit fixlist este raz.
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: pomalý prohlížeč
Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Josef (18-03-2018 21:18:39) Run:5
Running from C:\Users\Josef\Desktop
Loaded Profiles: Josef (Available Profiles: Josef)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
Folder: C:\Users\Josef\AppData\Roaming\Macromedia
File: C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe
VirusTotal: C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe
File: C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE
Task: {B87308E6-9001-41BE-A5D7-F55683A08569} - System32\Tasks\Macromedia\ErrorCheck => C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe
C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com
EmptyTemp:
End
*****************
Processes closed successfully.
========================= Folder: C:\Users\Josef\AppData\Roaming\Macromedia ========================
2017-11-25 13:22 - 2018-03-18 20:44 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player
2017-11-25 13:22 - 2018-03-18 20:08 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\#SharedObjects
2017-11-25 13:22 - 2017-11-25 13:22 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\openssl
2017-11-25 13:22 - 2018-03-04 12:03 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\openssl\cache
====== End of Folder: ======
========================= File: C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe ========================
"C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe" => not found
====== End of File: ======
"VirusTotal: C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe" => not found
========================= File: C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE ========================
C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE
File is digitally signed
MD5: 2287DAEA100837E40232FD9053F635D8
Creation and modification date: 2017-12-04 09:50 - 2017-12-04 09:49
Size: 000283232
Attributes: ----A
Company Name: SEIKO EPSON CORPORATION
Internal Name: E_S50ICB
Original Name: E_S50ICB.EXE
Product: EPSON Status Monitor 3
Description: EPSON Status Monitor 3
File Version: 7.03
Product Version: 7.03
Copyright: Copyright (C) SEIKO EPSON CORP. 2012
VirusTotal: https://www.virustotal.com/file/8e905b8 ... 521159638/
====== End of File: ======
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B87308E6-9001-41BE-A5D7-F55683A08569} => could not remove. Access Denied.
"C:\WINDOWS\System32\Tasks\Macromedia\ErrorCheck" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Macromedia\ErrorCheck => could not remove. Access Denied.
"C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10501024 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 513528 B
Edge => 0 B
Chrome => 12876929 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 818 B
NetworkService => 0 B
Josef => 112306 B
RecycleBin => 4632 B
EmptyTemp: => 31.7 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-03-2018 21:20:53)
Result of scheduled keys to remove after reboot:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B87308E6-9001-41BE-A5D7-F55683A08569} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Macromedia\ErrorCheck => could not remove. Access Denied.
==== End of Fixlog 21:20:53 ====
Ran by Josef (18-03-2018 21:18:39) Run:5
Running from C:\Users\Josef\Desktop
Loaded Profiles: Josef (Available Profiles: Josef)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
Folder: C:\Users\Josef\AppData\Roaming\Macromedia
File: C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe
VirusTotal: C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe
File: C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE
Task: {B87308E6-9001-41BE-A5D7-F55683A08569} - System32\Tasks\Macromedia\ErrorCheck => C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe
C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com
EmptyTemp:
End
*****************
Processes closed successfully.
========================= Folder: C:\Users\Josef\AppData\Roaming\Macromedia ========================
2017-11-25 13:22 - 2018-03-18 20:44 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player
2017-11-25 13:22 - 2018-03-18 20:08 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\#SharedObjects
2017-11-25 13:22 - 2017-11-25 13:22 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\openssl
2017-11-25 13:22 - 2018-03-04 12:03 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\openssl\cache
====== End of Folder: ======
========================= File: C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe ========================
"C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe" => not found
====== End of File: ======
"VirusTotal: C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe" => not found
========================= File: C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE ========================
C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE
File is digitally signed
MD5: 2287DAEA100837E40232FD9053F635D8
Creation and modification date: 2017-12-04 09:50 - 2017-12-04 09:49
Size: 000283232
Attributes: ----A
Company Name: SEIKO EPSON CORPORATION
Internal Name: E_S50ICB
Original Name: E_S50ICB.EXE
Product: EPSON Status Monitor 3
Description: EPSON Status Monitor 3
File Version: 7.03
Product Version: 7.03
Copyright: Copyright (C) SEIKO EPSON CORP. 2012
VirusTotal: https://www.virustotal.com/file/8e905b8 ... 521159638/
====== End of File: ======
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B87308E6-9001-41BE-A5D7-F55683A08569} => could not remove. Access Denied.
"C:\WINDOWS\System32\Tasks\Macromedia\ErrorCheck" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Macromedia\ErrorCheck => could not remove. Access Denied.
"C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10501024 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 513528 B
Edge => 0 B
Chrome => 12876929 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 818 B
NetworkService => 0 B
Josef => 112306 B
RecycleBin => 4632 B
EmptyTemp: => 31.7 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-03-2018 21:20:53)
Result of scheduled keys to remove after reboot:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B87308E6-9001-41BE-A5D7-F55683A08569} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Macromedia\ErrorCheck => could not remove. Access Denied.
==== End of Fixlog 21:20:53 ====
Re: pomalý prohlížeč
Ako to vyzera s PC, nastala nejaka zmena, pripadne su este nejake problemy?
Poprosim spustit este tento fixlist:
Otvor poznamkovy blok (Win+R -> notepad -> enter)
Poprosim spustit este tento fixlist:
Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start CloseProocesses: File: C:\FRST\Quarantine\C\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe.xBAD VirusTotal: C:\FRST\Quarantine\C\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe.xBAD DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B87308E6-9001-41BE-A5D7-F55683A08569} DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Macromedia\ErrorCheck End
- Uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: pomalý prohlížeč
Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Josef (18-03-2018 21:47:53) Run:6
Running from C:\Users\Josef\Desktop
Loaded Profiles: Josef (Available Profiles: Josef)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProocesses:
File: C:\FRST\Quarantine\C\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe.xBAD
VirusTotal: C:\FRST\Quarantine\C\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe.xBAD
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B87308E6-9001-41BE-A5D7-F55683A08569}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Macromedia\ErrorCheck
End
*****************
CloseProocesses: => Error: No automatic fix found for this entry.
========================= File: C:\FRST\Quarantine\C\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe.xBAD ========================
"C:\FRST\Quarantine\C\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe.xBAD" => not found
====== End of File: ======
"VirusTotal: C:\FRST\Quarantine\C\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe.xBAD" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B87308E6-9001-41BE-A5D7-F55683A08569} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Macromedia\ErrorCheck => could not remove. Access Denied.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-03-2018 21:49:36)
Result of scheduled keys to remove after reboot:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B87308E6-9001-41BE-A5D7-F55683A08569} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Macromedia\ErrorCheck => could not remove. Access Denied.
==== End of Fixlog 21:49:36 ====
Ran by Josef (18-03-2018 21:47:53) Run:6
Running from C:\Users\Josef\Desktop
Loaded Profiles: Josef (Available Profiles: Josef)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProocesses:
File: C:\FRST\Quarantine\C\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe.xBAD
VirusTotal: C:\FRST\Quarantine\C\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe.xBAD
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B87308E6-9001-41BE-A5D7-F55683A08569}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Macromedia\ErrorCheck
End
*****************
CloseProocesses: => Error: No automatic fix found for this entry.
========================= File: C:\FRST\Quarantine\C\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe.xBAD ========================
"C:\FRST\Quarantine\C\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe.xBAD" => not found
====== End of File: ======
"VirusTotal: C:\FRST\Quarantine\C\Users\Josef\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ErrorCheck.exe.xBAD" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B87308E6-9001-41BE-A5D7-F55683A08569} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Macromedia\ErrorCheck => could not remove. Access Denied.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-03-2018 21:49:36)
Result of scheduled keys to remove after reboot:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B87308E6-9001-41BE-A5D7-F55683A08569} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Macromedia\ErrorCheck => could not remove. Access Denied.
==== End of Fixlog 21:49:36 ====
Re: pomalý prohlížeč
Ako to vyzera s PC, nastala nejaka zmena, pripadne su este nejake problemy?
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: pomalý prohlížeč
na začátku je to stejné ,čekám než se to načte, ale pak už je to něco rychlejší
Re: pomalý prohlížeč
Stiahni Zoek: http://download.bleepingcomputer.com/smeenk/zoek.exe
- Uloz na plochu a spusti ako spravca
- Do okna skopiruj nasledujuci script:
Kód: Vybrat vše
autoclean; resethosts; emptyclsid; IEdefaults; FFdefaults; CHRdefaults; emptyIEcache; emptyFFcache; emptyCHRcache; emptyalltemp; emptyflash; emptyjava; emptyrecycle.bin;
- Klikni na Run script
- Pockaj na dokoncenie a restartovanie PC
- Po restartovani vyskoci log (pripadne bude v C:\zoek-results.log), jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: pomalý prohlížeč
tak jsem to stáhl a instaloval ale udělalo se jen tohle ani se to nerestartovalo. Tak nevím.
Re: pomalý prohlížeč
Zoek.exe is still running.
Do not start any browser windows, they may get closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
Do not start any browser windows, they may get closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
Re: pomalý prohlížeč
Ten script si tam skopiroval? Ako dlho to je v takomto stave?
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: pomalý prohlížeč
Zoek.exe v5.0.0.2 Updated 21-Februari-2018(online version)
Tool run by Josef on 19.03.2018 at 15:56:29,68.
Microsoft Windows 10 Pro 10.0.16299 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Josef\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2018-03-19-145009.log 406 bytes
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== FireFox Fix ======================
Deleted from C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\g8oxpwau.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/");
Added to C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\g8oxpwau.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jugoxqbc.default-1520583012548\prefs.js:
Added to C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jugoxqbc.default-1520583012548\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\g8oxpwau.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jugoxqbc.default-1520583012548
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
==== Firefox Plugins ======================
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
==== Reset Google Chrome ======================
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Josef\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Josef\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Edge Cache ======================
Edge Cache Emptied Successfully
==== Empty Chrome Cache ======================
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=0 folders=0 0 bytes)
==== Empty Temp Folders ======================
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Josef\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted
==== EOF on 19.03.2018 at 16:04:15,40 ======================
Tool run by Josef on 19.03.2018 at 15:56:29,68.
Microsoft Windows 10 Pro 10.0.16299 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Josef\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2018-03-19-145009.log 406 bytes
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== FireFox Fix ======================
Deleted from C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\g8oxpwau.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/");
Added to C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\g8oxpwau.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jugoxqbc.default-1520583012548\prefs.js:
Added to C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jugoxqbc.default-1520583012548\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\g8oxpwau.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jugoxqbc.default-1520583012548
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
==== Firefox Plugins ======================
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
==== Reset Google Chrome ======================
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Josef\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Josef\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Edge Cache ======================
Edge Cache Emptied Successfully
==== Empty Chrome Cache ======================
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=0 folders=0 0 bytes)
==== Empty Temp Folders ======================
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Josef\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted
==== EOF on 19.03.2018 at 16:04:15,40 ======================