VIRY.CZ

Dobrý den,

v poslední době mám problém s prohlížeči, kdy mi někdy prostě z ničeho nic nereagují a se zpomalením pc.

Děkuji předem za rady

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-12-2016
Ran by zakaznik (administrator) on USER (01-01-2017 13:57:54)
Running from C:\Documents and Settings\zakaznik\Plocha
Loaded Profiles: zakaznik (Available Profiles: zakaznik & Administrator)
Platform: SystĂ©m Microsoft Windows XP Professional Service Pack 3 (X86) Language: ÄŚeĹˇtina
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
(Comodo) C:\Program Files\Comodo\Dragon\dragon_updater.exe
(Teruten) C:\WINDOWS\system32\FsUsbExService.Exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Check Point Software Technologies, Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Canon Inc.) C:\Program Files\Canon\CAL\CALMAIN.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
(forum.viry.cz) C:\Documents and Settings\zakaznik\Plocha\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ZoneAlarm] => C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2009-02-25] (ATI Technologies Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2009-02-09] (Autodesk, Inc.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 94.74.192.252 94.74.192.244
Tcpip\..\Interfaces\{AF426A88-4E87-4378-A11C-AE6CA70FBAD9}: [DhcpNameServer] 94.74.192.252 94.74.192.244

Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2052111302-2077806209-1801674531-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2052111302-2077806209-1801674531-1003 -> {A3DD4E2F-70A3-483C-93B4-99593AD1FF7B} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... {startPage}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2052111302-2077806209-1801674531-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (SpoleÄŤnost Microsoft)
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-26] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: ksvtzl3d.default
FF ProfilePath: C:\Documents and Settings\zakaznik\Data aplikacĂ\Philips-Songbird\Profiles\auc2qxnj.default [2015-12-20]
FF NewTab: C:\Documents and Settings\zakaznik\Data aplikacĂ\Philips-Songbird\Profiles\auc2qxnj.default -> about:newtab
FF Homepage: C:\Documents and Settings\zakaznik\Data aplikacĂ\Philips-Songbird\Profiles\auc2qxnj.default -> about:home
FF NetworkProxy: C:\Documents and Settings\zakaznik\Data aplikacĂ\Philips-Songbird\Profiles\auc2qxnj.default -> no_proxies_on", "127.0.0.1;localhost"
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\albumart@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\cd-rip@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\ewaacdec@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\ewmp3enc@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\fileassociation@philips.com [not found]
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\gogear@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\gonzo@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\gracenote@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\langpack-cs@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\mashTape@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\msc@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\mtp@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\philips-addon-manager@philips.com [not found]
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\philips-branding@philips.com [not found]
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\philips-likemusic@philips.com [not found]
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\philips-msc-mtp-switch@philips.com [not found]
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\philips-promotions@philips.com [not found]
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\philips-skin@philips.com [not found]
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\philips-ui@philips.com [not found]
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\purplerain@songbirdnest.com [not found]
FF Extension: (No Name) - C:\Program Files\Philips\Philips Songbird\extensions\windowsmedia@songbirdnest.com [not found]
FF ProfilePath: C:\Documents and Settings\zakaznik\Data aplikacĂ\Mozilla\Firefox\Profiles\ksvtzl3d.default [2017-01-01]
FF NewTab: C:\Documents and Settings\zakaznik\Data aplikacĂ\Mozilla\Firefox\Profiles\ksvtzl3d.default -> about:newtab
FF Homepage: C:\Documents and Settings\zakaznik\Data aplikacĂ\Mozilla\Firefox\Profiles\ksvtzl3d.default -> hxxp://google.com/
FF Session Restore: C:\Documents and Settings\zakaznik\Data aplikacĂ\Mozilla\Firefox\Profiles\ksvtzl3d.default -> is enabled.
FF Extension: (Adblock Plus) - C:\Documents and Settings\zakaznik\Data aplikacĂ\Mozilla\Firefox\Profiles\ksvtzl3d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF SearchPlugin: C:\Documents and Settings\zakaznik\Data aplikacĂ\Mozilla\Firefox\Profiles\ksvtzl3d.default\searchplugins\firmycz.xml [2015-08-04]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-01-10] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-25] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Program Files\TVUPlayer\npTVUAx.dll [No File]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [269504 2016-05-25] (Adobe Systems Incorporated) [File not signed]
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-02-25] () [File not signed]
R2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96370 2007-01-31] (Canon Inc.) [File not signed]
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2060848 2016-02-05] (Comodo)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2009-10-17] (Macrovision Europe Ltd.) [File not signed]
R2 FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [217088 2010-11-15] (Teruten) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.)
R2 ZAPrivacyService; C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.)
S2 wmcmgc; C:\Program Files\Common Files\\System\icm64.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
S3 BlueletAudio; C:\WINDOWS\System32\DRIVERS\blueletaudio.sys [20480 2005-05-31] (IVT Corporation) [File not signed]
S3 BT; C:\WINDOWS\System32\DRIVERS\btnetdrv.sys [10804 2005-04-30] (IVT Corporation) [File not signed]
S3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [23000 2005-05-31] (IVT Corporation) [File not signed]
S3 BTHidEnum; C:\WINDOWS\System32\DRIVERS\vbtenum.sys [11860 2005-04-30] () [File not signed]
R0 BTHidMgr; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [28271 2005-04-30] (IVT Corporation) [File not signed]
S3 BTNetFilter; C:\WINDOWS\system32\drivers\BTNetFilter.sys [13304 2004-12-16] () [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
R3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36640 2010-11-15] () [File not signed]
S3 LUsbFilt; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [28816 2008-12-18] (Logitech, Inc.)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 null_flt; C:\WINDOWS\System32\Drivers\null_flt.sys [4736 2009-11-12] (null_flt) [File not signed]
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [721904 2009-10-21] () [File not signed]
S3 VComm; C:\WINDOWS\System32\DRIVERS\VComm.sys [61312 2004-10-19] (IVT Corporation) [File not signed]
S3 VcommMgr; C:\WINDOWS\System32\Drivers\VcommMgr.sys [82148 2005-03-25] (IVT Corporation) [File not signed]
R1 Vsdatant; C:\WINDOWS\System32\vsdatant.sys [534024 2014-08-13] (Check Point Software Technologies Ltd.)
U3 aidwo2vx; C:\WINDOWS\system32\Drivers\aidwo2vx.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: wmcmgc -> C:\Program Files\Common Files\\System\icm64.dll ==> No File

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-01 13:57 - 2017-01-01 13:58 - 00013050 _____ C:\Documents and Settings\zakaznik\Plocha\FRST.txt
2017-01-01 13:57 - 2017-01-01 13:57 - 00000000 ____D C:\FRST
2017-01-01 13:52 - 2017-01-01 13:52 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\zakaznik\Plocha\FRSTLauncher.exe
2017-01-01 13:48 - 2017-01-01 13:48 - 01762816 _____ (Farbar) C:\Documents and Settings\zakaznik\Plocha\FRST.exe
2016-12-25 17:45 - 2016-12-25 17:45 - 00106169 _____ C:\Documents and Settings\zakaznik\Plocha\01.jpg
2016-12-25 10:00 - 2016-12-25 10:00 - 00061654 _____ C:\Documents and Settings\zakaznik\Plocha\i3w7ba.jpeg
2016-12-24 20:14 - 2016-12-24 20:14 - 00024720 _____ C:\Documents and Settings\zakaznik\Plocha\877f8c61212d49af4a7f9e02e2143d79.jpg
2016-12-23 15:38 - 2016-12-27 14:06 - 00000000 ____D C:\Documents and Settings\zakaznik\Plocha\regalis
2016-12-10 13:19 - 2016-12-10 13:19 - 00025078 _____ C:\Documents and Settings\zakaznik\Plocha\Black-Books-S03E05-The-Travel-Writer(0000050344).srt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-01 13:58 - 2015-12-20 18:04 - 00000000 ____D C:\Documents and Settings\zakaznik\Local Settings\Temp
2017-01-01 13:58 - 2015-09-26 06:57 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-01 13:57 - 2009-06-01 17:01 - 00000000 ___HD C:\Documents and Settings\zakaznik\Local Settings\Data aplikacĂ
2017-01-01 13:57 - 2009-06-01 17:01 - 00000000 ____D C:\Documents and Settings\zakaznik\Plocha
2017-01-01 13:53 - 2009-06-01 17:01 - 00000000 ___RD C:\Documents and Settings\zakaznik\Dokumenty
2017-01-01 13:50 - 2011-05-13 21:28 - 00000000 ____D C:\Documents and Settings\zakaznik\Dokumenty\StaĹľenĂ© soubory
2017-01-01 12:46 - 2015-12-18 23:09 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-01-01 05:41 - 2016-04-18 13:29 - 00000228 _____ C:\WINDOWS\Tasks\PĹ™ihlĂˇĹˇenĂ k oznamovĂˇnĂ konce poskytovĂˇnĂ sluĹľeb pro Microsoft Windows XP.job
2017-01-01 05:41 - 2009-06-01 17:00 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-01 01:50 - 2009-06-01 17:00 - 00032584 _____ C:\WINDOWS\SchedLgU.Txt
2017-01-01 01:49 - 2009-06-01 17:01 - 00000178 ___SH C:\Documents and Settings\zakaznik\ntuser.ini
2016-12-31 20:49 - 2014-10-29 07:00 - 00001024 ____H C:\Documents and Settings\Administrator\NTUSER.DAT.LOG
2016-12-31 16:00 - 2009-06-07 19:55 - 00000000 ____D C:\Documents and Settings\zakaznik\Dokumenty\Downloads
2016-12-31 08:22 - 2001-10-25 13:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-12-13 21:28 - 2016-09-07 06:35 - 00000000 ____D C:\Documents and Settings\zakaznik\Plocha\NovĂˇ sloĹľka
2016-12-11 12:01 - 2015-05-19 10:40 - 00000000 ___RD C:\Documents and Settings\zakaznik\Plocha\FB
2016-12-08 15:18 - 2016-04-18 13:29 - 00000222 _____ C:\WINDOWS\Tasks\MÄ›sĂÄŤnĂ oznamovĂˇnĂ konce poskytovĂˇnĂ sluĹľeb pro Microsoft Windows XP.job
2016-12-02 08:41 - 2016-06-03 11:11 - 00000000 ____D C:\Documents and Settings\zakaznik\Plocha\fleĹˇhka

==================== Files in the root of some directories =======

2009-06-01 18:40 - 2009-06-01 19:10 - 0000760 _____ () C:\Documents and Settings\zakaznik\Data aplikacĂ\setup_ldm.iss
2009-06-12 14:38 - 2014-02-05 17:15 - 0065536 _____ () C:\Documents and Settings\zakaznik\Local Settings\Data aplikacĂ\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-25 08:03 - 2014-10-25 08:03 - 0207277 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1414220415.bdinstall.bin
2014-10-26 10:18 - 2014-10-26 10:18 - 0037179 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1414315113.bdinstall.bin
2014-10-26 10:19 - 2014-10-26 10:19 - 0096249 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1414315122.bdinstall.bin
2014-10-26 11:21 - 2014-10-26 11:21 - 0207273 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1414318805.bdinstall.bin
2014-10-26 15:37 - 2014-10-26 15:37 - 0037179 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1414334224.bdinstall.bin
2014-10-26 15:37 - 2014-10-26 15:37 - 0008071 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1414334232.1204.bin
2014-10-26 15:37 - 2014-10-26 15:38 - 0038964 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1414334232.1640.bin
2014-10-26 15:37 - 2014-10-26 15:38 - 0001301 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1414334232.3944.bin
2014-10-26 15:37 - 2014-10-26 15:37 - 0002405 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1414334232.592.bin
2014-10-26 15:50 - 2014-10-26 15:50 - 0031683 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1414335042.bdinstall.bin
2014-10-26 15:55 - 2014-10-26 15:55 - 0179684 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1414335266.bdinstall.bin
2014-11-08 07:23 - 2014-11-08 07:23 - 0037195 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1415427801.bdinstall.bin
2014-11-08 07:26 - 2014-11-08 07:26 - 0094635 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1415427808.bdinstall.bin
2014-11-08 07:38 - 2014-11-08 07:38 - 0044826 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1415428693.bdinstall.bin
2014-11-08 07:39 - 2014-11-08 07:43 - 0043812 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1415428771.2448.bin
2014-11-08 07:39 - 2014-11-08 07:39 - 0002055 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1415428771.2668.bin
2014-11-08 07:39 - 2014-11-08 07:43 - 0000798 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1415428771.2680.bin
2014-11-08 07:49 - 2014-11-08 07:49 - 0205917 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1415429242.bdinstall.bin
2014-11-17 09:42 - 2014-11-17 09:42 - 0037179 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1416213722.bdinstall.bin
2014-11-17 09:43 - 2014-11-17 09:43 - 0059465 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1416213728.bdinstall.bin
2014-11-17 09:45 - 2014-11-17 09:46 - 0043856 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1416213950.3204.bin
2014-11-17 09:45 - 2014-11-17 09:46 - 0003557 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1416213950.3348.bin
2014-11-17 09:45 - 2014-11-17 09:46 - 0003804 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1416213950.3352.bin
2014-11-17 09:46 - 2014-11-17 09:46 - 0039517 _____ () C:\Documents and Settings\All Users\Data aplikacĂ\1416213950.3412.bin

Some files in TEMP:
====================
C:\Documents and Settings\zakaznik\Local Settings\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\MÄ›sĂÄŤnĂ oznamovĂˇnĂ konce poskytovĂˇnĂ sluĹľeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\PĹ™ihlĂˇĹˇenĂ k oznamovĂˇnĂ konce poskytovĂˇnĂ sluĹľeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: ZoneAlarm Antivirus (Disabled - Up to date) {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: ZoneAlarm Firewall (Disabled) {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\zakaznik\Plocha" je 574 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL
"C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotPostWindows10UpgradeReInstall
"C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
Režim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^zakaznik^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\ICQ7.2\\ICQ.exe"="C:\\Program Files\\ICQ7.2\\ICQ.exe:*:Enabled:ICQ7.2"
"C:\\Program Files\\ICQ7.2\\aolload.exe"="C:\\Program Files\\ICQ7.2\\aolload.exe:*:Enabled:aolload.exe"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\CheckPoint\\ZoneAlarm\\vsmon.exe"="C:\\Program Files\\CheckPoint\\ZoneAlarm\\vsmon.exe:*:Enabled:True Vector"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\Steam\\Steam.exe"="C:\\Program Files\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\ICQ7.2\\ICQ.exe"="C:\\Program Files\\ICQ7.2\\ICQ.exe:*:Enabled:ICQ7.2"
"C:\\Program Files\\ICQ7.2\\aolload.exe"="C:\\Program Files\\ICQ7.2\\aolload.exe:*:Enabled:aolload.exe"
"C:\\Program Files\\Opera\\opera.exe"="C:\\Program Files\\Opera\\opera.exe:*:Enabled:Opera Internet Browser"
"C:\\Program Files\\Steam\\steamapps\\poorfox\\counter-strike\\hl.exe"="C:\\Program Files\\Steam\\steamapps\\poorfox\\counter-strike\\hl.exe:*:Enabled:Counter-Strike"
"C:\\Program Files\\Opera\\pluginwrapper\\opera_plugin_wrapper.exe"="C:\\Program Files\\Opera\\pluginwrapper\\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper"
"C:\\Documents and Settings\\zakaznik\\Plocha\\uTorrent.exe"="C:\\Documents and Settings\\zakaznik\\Plocha\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Documents and Settings\\zakaznik\\Data aplikací\\uTorrent\\uTorrent.exe"="C:\\Documents and Settings\\zakaznik\\Data aplikací\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\CheckPoint\\ZoneAlarm\\vsmon.exe"="C:\\Program Files\\CheckPoint\\ZoneAlarm\\vsmon.exe:*:Enabled:True Vector"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:'Firefox' (C:\\Program Files\\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000

==================== End Of Log ==============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v6.041 - Log vytvořen 02/01/2017 v 17:15:19
# Aktualizováno dne 16/12/2016 z Malwarebytes
# Databáze : 2017-01-02.1 [Server]
# Operační systém : Microsoft Windows XP Service Pack 3 (X86)
# Uživatelské jméno : zakaznik - USER
# Spuštěno z : C:\Documents and Settings\zakaznik\Plocha\adwcleaner_6.041.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support

***** [ Služby ] *****

***** [ Složky ] *****

***** [ Soubory ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Zástupci ] *****

***** [ Naplánované úlohy ] *****

***** [ Registry ] *****

***** [ Prohlížeče ] *****

*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [829 Bajty] - [02/01/2017 17:15:19]
C:\AdwCleaner\AdwCleaner[S0].txt - [1400 Bajty] - [02/01/2017 17:14:52]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [974 Bajty] ##########

Nic nenalezeno. Znamená to teda, že by všechno mělo být teoreticky v pořádku?

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Program Files\TVUPlayer\npTVUAx.dll [No File]
S4 IntelIde; no ImagePath
NETSVC: wmcmgc -> C:\Program Files\Common Files\\System\icm64.dll ==> No File
C:\Documents and Settings\zakaznik\Local Settings\Temp

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x86) Version: 21-12-2016
Ran by zakaznik (03-01-2017 08:52:15) Run:1
Running from C:\Documents and Settings\zakaznik\Plocha
Loaded Profiles: zakaznik (Available Profiles: zakaznik & Administrator)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Program Files\TVUPlayer\npTVUAx.dll [No File]
S4 IntelIde; no ImagePath
NETSVC: wmcmgc -> C:\Program Files\Common Files\\System\icm64.dll ==> No File
C:\Documents and Settings\zakaznik\Local Settings\Temp

EmptyTemp:
End
*****************

HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer" => key removed successfully.
IntelIde => service removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs wmcmgc => value removed successfully.

"C:\Documents and Settings\zakaznik\Local Settings\Temp" folder move:

Could not move "C:\Documents and Settings\zakaznik\Local Settings\Temp" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 42653 B
Java, Flash, Steam htmlcache => 3522 B
Windows/system/dllcache/drivers => 55540077 B
Edge => 0 B
Chrome => 0 B
Firefox => 394563887 B
Opera => 8739616 B

Temp, IE cache, history, cookies, recent:
Documents and Settings => 0 B
Default User => 66228 B
All Users => 0 B
systemprofile => 292549380 B
LocalService => 66552 B
NetworkService => 66228 B
zakaznik => 215903549 B
Administrator => 0 B

RecycleBin => 12128650 B
EmptyTemp: => 934.3 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 03-01-2017 08:56:05)

C:\Documents and Settings\zakaznik\Local Settings\Temp => moved successfully

==== End of Fixlog 08:56:06 ====

Smazáno. Nastala nějaká změna?

Počítač reaguje rychleji, jen mě nejspíš zlobí asi Firefox, protože mám někdy problém třeba s načítáním emailové schránky, nebo nereaguje tlačítko na které kliknu.

Vyčistáíme ještě prohlížeče. Spusťte tyto skeny:

1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

Vyčistí mi to i historii navštívených odkazů na youtube?

Vyčistí to všechno kompletně.

Moc děkuji za rady. Snažil jsem se o tom něco dozvědět a nejspíš zkusím obnovení profilu. Zachová mi to v prohlížeči záložky a navštívené stránky, které bych si rád uchoval.

Co si o tom myslíte? Zajímal by mě Váš názor než se do toho pustím.

Pokud to váš problém vyřeší, směle do toho. Občas to ale takto nefunguje.

VIRY.CZ

Zasekávání prohlížečů - prosím o pomoc s logem

Zasekávání prohlížečů - prosím o pomoc s logem

Re: Zasekávání prohlížečů - prosím o pomoc s logem

Re: Zasekávání prohlížečů - prosím o pomoc s logem

Re: Zasekávání prohlížečů - prosím o pomoc s logem

Re: Zasekávání prohlížečů - prosím o pomoc s logem

Re: Zasekávání prohlížečů - prosím o pomoc s logem

Re: Zasekávání prohlížečů - prosím o pomoc s logem

Re: Zasekávání prohlížečů - prosím o pomoc s logem

Re: Zasekávání prohlížečů - prosím o pomoc s logem

Re: Zasekávání prohlížečů - prosím o pomoc s logem

Re: Zasekávání prohlížečů - prosím o pomoc s logem

Re: Zasekávání prohlížečů - prosím o pomoc s logem