VIRY.CZ

Dobrý den,
mám problém: při spuštění některých aplikací mi píše error, že ta aplikace není platná typu Win32. Co s tím mám dělat? Prosím pomožte

Zdravím!
Zkusíme prověřit. Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

Ok děkuji moc za odpověď!

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:22-05-2016 01
Ran by Magda (administrator) on SESTRA (22-05-2016 18:52:09)
Running from C:\Documents and Settings\Magda\Dokumenty\Downloads
Loaded Profiles: Magda (Available Profiles: Magda)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\Program Files\Intel\AMT\atchk.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\AMT\atchksrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgemcx.exe
(HP) C:\WINDOWS\system32\HPSIsvc.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Intel) C:\Program Files\Intel\AMT\LMS.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Intel) C:\Program Files\Intel\AMT\UNS.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\tv_w32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1036288 2007-08-01] (Analog Devices, Inc.)
HKLM\...\Run: [atchk] => C:\Program Files\Intel\AMT\atchk.exe [408344 2007-06-12] (Intel Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [HPUsageTrackingLEDM] => C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-10-15] (Hewlett-Packard Company)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2013\avgui.exe [4431848 2015-12-15] (AVG Technologies CZ, s.r.o.)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware] => C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [532040 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2011-07-08] (ATI Technologies Inc.)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-08-24] (Microsoft Corporation)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{15C26D64-0EF7-48D7-99E0-7582A44C5CE1}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-10] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-28] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-10] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-28] (Google Inc.)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-10] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-09-13] [not signed]
FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension => not found

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Documents and Settings\Magda\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Documents and Settings\Magda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-19]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Magda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-19]
CHR Extension: (Disk Google) - C:\Documents and Settings\Magda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-19]
CHR Extension: (YouTube) - C:\Documents and Settings\Magda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-19]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\Magda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-19]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Magda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Magda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-19]
CHR Extension: (Gmail) - C:\Documents and Settings\Magda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"FGLPMCLA" => service was unlocked. <===== ATTENTION
"FGLPMKER" => service was unlocked. <===== ATTENTION

R2 atchksrv; C:\Program Files\Intel\AMT\atchksrv.exe [183064 2007-06-12] (Intel Corporation)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4948456 2015-10-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-10] (Oracle Corporation)
R2 LMS; C:\Program Files\Intel\AMT\LMS.exe [109336 2007-06-12] (Intel)
R2 UNS; C:\Program Files\Intel\AMT\UNS.exe [2521880 2007-06-12] (Intel)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [208184 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [122320 2015-05-21] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [32672 2015-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [172856 2014-11-04] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [278992 2015-05-21] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [159648 2016-03-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [39224 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [191440 2015-05-26] (AVG Technologies CZ, s.r.o.)
S3 E1000; C:\WINDOWS\System32\DRIVERS\e1000nt5.sys [51231 2001-10-24] (Intel Corporation)
S3 FGLPMCLA; C:\WINDOWS\System32\DRIVERS\fglpmcla.sys [26160 2008-06-09] (Microsoft Corporation) [File not signed]
S3 FGLPMKER; C:\WINDOWS\System32\DRIVERS\fglpmkervault.sys [351488 2008-06-09] (Microsoft Corporation) [File not signed]
R3 MonitorFunction; C:\WINDOWS\System32\DRIVERS\TVMonitor.sys [13304 2013-06-06] (TeamViewer GmbH)
R3 SenFiltService; C:\WINDOWS\System32\drivers\Senfilt.sys [392960 2006-03-17] (Sensaura)
R3 teamviewervpn; C:\WINDOWS\System32\DRIVERS\teamviewervpn.sys [25088 2013-06-06] (TeamViewer GmbH)
S3 AIDA64Driver; \??\C:\Documents and Settings\User\Plocha\aida64extreme170\kerneld.x32 [X]
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-22 18:52 - 2016-05-22 18:52 - 00000000 ____D C:\FRST
2016-05-22 18:34 - 2016-05-22 18:34 - 00000784 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2016-05-22 18:34 - 2016-05-22 18:34 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2016-05-22 18:34 - 2016-05-22 18:34 - 00000000 ____D C:\Documents and Settings\Magda\Data aplikací\Malwarebytes
2016-05-22 18:34 - 2016-05-22 18:34 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2016-05-22 18:34 - 2016-05-22 18:34 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2016-05-22 18:34 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2016-05-22 18:01 - 2016-05-22 18:47 - 00000000 ____D C:\Program Files\trend micro
2016-05-22 18:01 - 2016-05-22 18:01 - 00000000 ____D C:\rsit
2016-05-21 20:58 - 2016-05-21 20:58 - 00000000 ____D C:\Documents and Settings\Magda\Plocha\kocar na prodej
2016-05-21 20:46 - 2016-05-21 20:46 - 00000104 _____ C:\Documents and Settings\Magda\Plocha\Tento počítač.lnk
2016-05-21 20:42 - 2008-04-14 04:21 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpusd.dll
2016-05-21 20:42 - 2001-10-24 12:25 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpusb.dll
2016-05-19 19:38 - 2016-05-19 19:38 - 00073352 _____ C:\Documents and Settings\Magda\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2016-05-19 17:19 - 2016-05-19 17:19 - 00000000 ____D C:\Documents and Settings\Magda\Local Settings\Data aplikací\Sun
2016-05-19 17:19 - 2016-05-19 17:19 - 00000000 ____D C:\Documents and Settings\Magda\Data aplikací\Sun
2016-05-19 17:19 - 2016-05-19 17:19 - 00000000 ____D C:\Documents and Settings\Magda\Data aplikací\Ashampoo
2016-05-19 17:14 - 2016-05-22 18:52 - 00000000 ____D C:\Documents and Settings\Magda\Local Settings\Temp
2016-05-19 17:14 - 2016-05-22 18:34 - 00000000 __RHD C:\Documents and Settings\Magda\Data aplikací
2016-05-19 17:14 - 2016-05-22 17:24 - 00000000 ____D C:\Documents and Settings\Magda\Plocha
2016-05-19 17:14 - 2016-05-22 17:09 - 00000000 ____D C:\Documents and Settings\Magda
2016-05-19 17:14 - 2016-05-21 21:54 - 00000178 ___SH C:\Documents and Settings\Magda\ntuser.ini
2016-05-19 17:14 - 2016-05-21 20:58 - 00000000 ___RD C:\Documents and Settings\Magda\Dokumenty\Obrázky
2016-05-19 17:14 - 2016-05-19 19:38 - 00000000 ___HD C:\Documents and Settings\Magda\Local Settings\Data aplikací
2016-05-19 17:14 - 2016-05-19 18:08 - 00000000 ____D C:\Documents and Settings\Magda\Local Settings\Data aplikací\Google
2016-05-19 17:14 - 2016-05-19 17:34 - 00000000 ___RD C:\Documents and Settings\Magda\Dokumenty
2016-05-19 17:14 - 2016-05-19 17:14 - 00000803 _____ C:\Documents and Settings\Magda\Nabídka Start\Programy\Internet Explorer.lnk
2016-05-19 17:14 - 2016-05-19 17:14 - 00000788 _____ C:\Documents and Settings\Magda\Nabídka Start\Programy\Windows Media Player.lnk
2016-05-19 17:14 - 2016-05-19 17:14 - 00000738 _____ C:\Documents and Settings\Magda\Nabídka Start\Programy\Outlook Express.lnk
2016-05-19 17:14 - 2016-05-19 17:14 - 00000000 __SHD C:\Documents and Settings\Magda\IETldCache
2016-05-19 17:14 - 2016-05-19 17:14 - 00000000 ___RD C:\Documents and Settings\Magda\Oblíbené položky
2016-05-19 17:14 - 2016-05-19 17:14 - 00000000 ___RD C:\Documents and Settings\Magda\Nabídka Start\Programy\Příslušenství
2016-05-19 17:14 - 2016-05-19 17:14 - 00000000 ___RD C:\Documents and Settings\Magda\Nabídka Start\Programy
2016-05-19 17:14 - 2016-05-19 17:14 - 00000000 ___RD C:\Documents and Settings\Magda\Dokumenty\Hudba
2016-05-19 17:14 - 2016-05-19 17:14 - 00000000 ____D C:\Documents and Settings\Magda\Local Settings\Data aplikací\Avg2013
2016-05-19 17:14 - 2016-05-19 17:14 - 00000000 ____D C:\Documents and Settings\Magda\Data aplikací\AVG2013
2016-05-19 17:14 - 2009-03-16 13:15 - 00000000 ___RD C:\Documents and Settings\Magda\Nabídka Start\Programy\Po spuštění
2016-05-19 17:14 - 2009-03-16 13:15 - 00000000 ___RD C:\Documents and Settings\Magda\Nabídka Start
2016-05-19 17:14 - 2009-03-16 13:15 - 00000000 ___HD C:\Documents and Settings\Magda\Okolní tiskárny
2016-05-19 17:14 - 2009-03-16 13:15 - 00000000 ___HD C:\Documents and Settings\Magda\Okolní síť
2016-05-19 17:14 - 2009-03-16 12:24 - 00001599 _____ C:\Documents and Settings\Magda\Nabídka Start\Programy\Vzdálená pomoc.lnk
2016-05-19 17:14 - 2009-03-16 12:21 - 00000000 ___HD C:\Documents and Settings\Magda\Šablony
2016-05-19 17:14 - 2008-04-14 05:22 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpns.dll
2016-05-16 16:43 - 2016-05-16 16:47 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\F-Secure
2016-05-16 16:36 - 2016-05-16 16:36 - 05405376 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2016-05-16 16:36 - 2001-10-24 11:15 - 00040027 _____ C:\WINDOWS\system32\CNBJHLP.HLP
2016-05-16 16:36 - 2001-10-24 11:15 - 00000866 _____ C:\WINDOWS\system32\CNBJHLP.CNT

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-22 18:40 - 2013-12-10 16:58 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-22 18:37 - 2015-06-04 13:01 - 00001022 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-1757981266-725345543-1003UA.job
2016-05-22 18:36 - 2013-12-09 15:42 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-22 18:34 - 2009-03-16 13:15 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2016-05-22 18:34 - 2009-03-16 13:15 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2016-05-22 18:34 - 2009-03-16 13:15 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2016-05-22 17:24 - 2013-11-28 18:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-22 17:18 - 2011-01-13 14:16 - 136686448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-22 17:10 - 2013-12-09 17:59 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-05-22 17:10 - 2013-12-09 17:59 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Silverlight
2016-05-22 17:03 - 2013-12-09 15:43 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MFAData
2016-05-22 16:41 - 2004-09-14 23:03 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-05-22 16:40 - 2014-03-25 08:56 - 00000220 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2016-05-22 16:40 - 2013-12-10 16:58 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-22 16:40 - 2009-03-16 12:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-21 21:54 - 2009-03-16 12:30 - 00032600 ____N C:\WINDOWS\SchedLgU.Txt
2016-05-21 20:52 - 2009-03-16 13:09 - 00000000 ____D C:\WINDOWS\Help
2016-05-19 17:17 - 2011-01-13 13:49 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-05-19 17:17 - 2009-03-16 13:15 - 00000000 ____D C:\Documents and Settings
2016-05-18 16:37 - 2015-06-04 13:01 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-1757981266-725345543-1003Core.job
2016-05-16 16:36 - 2013-12-09 15:42 - 00797376 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-05-16 16:36 - 2013-12-09 15:42 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-05-16 16:23 - 2013-12-10 12:57 - 00000000 ____D C:\TISK
2016-05-16 16:22 - 2009-03-16 13:09 - 00000000 ___HD C:\WINDOWS\inf
2016-05-02 07:41 - 2013-12-09 16:35 - 00000134 _____ C:\Documents and Settings\All Users\Data aplikací\Praktik.INI
2016-04-28 16:47 - 2009-03-16 13:16 - 01210072 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-28 16:47 - 2004-09-14 22:56 - 00497208 _____ C:\WINDOWS\system32\perfh005.dat
2016-04-28 16:47 - 2004-09-14 22:56 - 00103074 _____ C:\WINDOWS\system32\perfc005.dat

==================== Files in the root of some directories =======

2014-04-24 08:36 - 2012-08-31 10:49 - 0024772 _____ () C:\Documents and Settings\All Users\Data aplikací\P1210DEF.css
2014-04-24 08:36 - 2012-11-08 13:00 - 0003787 ____R () C:\Documents and Settings\All Users\Data aplikací\P1210OS.HTM
2014-04-24 08:36 - 2012-08-31 10:49 - 0002944 _____ () C:\Documents and Settings\All Users\Data aplikací\P1210SIG.GIF
2013-12-09 16:35 - 2016-05-02 07:41 - 0000134 _____ () C:\Documents and Settings\All Users\Data aplikací\Praktik.INI

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v5.117 - Log soubor vytvořen 22/05/2016 o 20:48:00
# Aktualizováno 15/05/2016 by Xplode
# Databáze : 2016-05-15.2 [Server]
# Operační systém : Microsoft Windows XP Service Pack 3 (X86)
# Jméno uživatele : Magda - SESTRA
# Spuštěno z : C:\Documents and Settings\Magda\Dokumenty\Downloads\adwcleaner_5.117.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úkoly ] *****


***** [ Registr ] *****

[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1

***** [ Webové prohlížeče ] *****


*************************

:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1260 bytes] - [22/05/2016 20:48:00]
C:\AdwCleaner\AdwCleaner[S1].txt - [1281 bytes] - [22/05/2016 20:46:51]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1406 bytes] ##########

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [] => [X]
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-28] (Google Inc.)
C:\Program Files\Google\Google Toolbar
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-28] (Google Inc.)
"FGLPMCLA" => service was unlocked. <===== ATTENTION
"FGLPMKER" => service was unlocked. <===== ATTENTION
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-1757981266-725345543-1003UA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-1757981266-725345543-1003Core.job
End

Uložte do C:\Documents and Settings\Magda\Dokumenty\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

A to mám otevřít úplně nový poznámkový blok?

magda310 píše:A to mám otevřít úplně nový poznámkový blok?

Ano.

Hotovo, co dál?

Budete mít ještě zítra čas? Dnes už to evidentně nestihneme. Kolik toho bude ještě zapotřebí udělat? Jinak moc děkuji za pomoc!

Zítra tu, předpokládám, večer budu. Zadáním skriptu do poznámkového bloku, jeho uložení do C:\Documents and Settings\Magda\Dokumenty\Downloads a spuštění mazání se smaží uvedené hodnoty a soubory. Pokud to nepomůže, budeme pokračovat dalšími skeny, které vám oznámím podle výsledku tohoto mazání.

Opět hotovo, jak mám pokračovat?

Pokud stav trvá, udělejte kompletní sken MBAM: http://filehippo.com/download_malwareby ... are/14815/ a dejte log. Předem nic nemažte. Výzvu ke stažení nové verze programu ignorujte, ta pod XP nefunguje.

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.04.04.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Magda :: SESTRA [administrátor]

23.5.2016 15:03:35
mbam-log-2016-05-23 (15-03-35).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 232302
Uplynulý čas: 14 minut, 27 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Toto je OK, váš problém není virový. Zkuste obnovu systému k datu, kdy korketně fungoval.