VIRY.CZ

Zdravím, chtěl bych poprosit ještě o kontrolu druhého ntb. Díky moc.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2017
Ran by doma (administrator) on DOMOV (17-01-2017 09:17:24)
Running from C:\Documents and Settings\doma\Local Settings\Temp\scoped_dir3092_18335
Loaded Profiles: doma (Available Profiles: doma & Terka & Adlos & adel)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\WINDOWS\system32\ibmpmsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Atheros) C:\WINDOWS\system32\acs.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Microsoft Corporation) C:\WINDOWS\system32\osk.exe
(Microsoft Corporation) C:\WINDOWS\system32\msswchx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [925696 2005-05-20] (Analog Devices, Inc.)
HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [716800 2005-05-06] (Analog Devices, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1323008 2008-07-03] (Synaptics, Inc.)
HKU\S-1-5-21-842925246-436374069-1606980848-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-842925246-436374069-1606980848-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7175384 2016-12-06] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk [2016-04-26]
ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{1BF0DCBC-4FF1-4C28-A1F0-F45405E00DBF}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Internet Explorer:
==================
HKU\S-1-5-21-842925246-436374069-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
HKU\S-1-5-21-842925246-436374069-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2016-04-25] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-04-25] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-842925246-436374069-1606980848-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2013-09-23] (Společnost Microsoft)

FireFox:
========
FF DefaultProfile: 4s4drohi.default
FF ProfilePath: C:\Documents and Settings\doma\Data aplikací\Mozilla\Firefox\Profiles\4s4drohi.default [2017-01-17]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2016-04-26] [not signed]
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-04-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2016-04-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://seznam.cz/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\User Data\Default [2017-01-17]
CHR Extension: (Prezentace Google) - C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-25]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-25]
CHR Extension: (Disk Google) - C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-25]
CHR Extension: (YouTube) - C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-25]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-25]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-25]
CHR Extension: (AdBlock) - C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-01-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-25]
CHR Extension: (Gmail) - C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 acs; C:\WINDOWS\system32\acs.exe [475220 2009-09-24] (Atheros) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2016-04-25] (Oracle Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AEAudioService; C:\WINDOWS\System32\drivers\AEAudio.sys [93952 2006-08-07] (Andrea Electronics Corporation)
R3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1347168 2009-04-03] (Atheros Communications, Inc.)
R3 atmeltpm; C:\WINDOWS\System32\DRIVERS\atmeltpm.sys [15872 2005-05-17] (Atmel, Inc.)
R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [993576 2010-09-23] (Broadcom Corporation.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [388824 2016-10-24] (Symantec Corporation)
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-21] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-21] (Conexant Systems, Inc.)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
R0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [57408 2008-02-08] (Atheros Communications, Inc.) [File not signed]
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-17 09:14 - 2017-01-17 09:17 - 00000000 ____D C:\FRST
2017-01-17 09:12 - 2017-01-17 09:13 - 01730048 _____ (Farbar) C:\Documents and Settings\doma\Dokumenty\FRST.exe
2017-01-17 08:35 - 2017-01-17 08:35 - 00000777 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2017-01-17 08:35 - 2017-01-17 08:35 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2017-01-17 08:35 - 2017-01-17 08:35 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes Anti-Malware
2017-01-17 08:35 - 2017-01-17 08:35 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2017-01-17 08:35 - 2015-03-17 06:15 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-01-17 08:35 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2017-01-17 08:33 - 2017-01-17 08:33 - 21540440 _____ (Malwarebytes Corporation ) C:\Documents and Settings\doma\Dokumenty\mbam-setup-2.1.4.1018.exe
2017-01-17 08:31 - 2017-01-17 08:31 - 00000682 _____ C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2017-01-17 08:31 - 2017-01-17 08:31 - 00000000 ____D C:\Program Files\CCleaner
2017-01-17 08:31 - 2017-01-17 08:31 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
2017-01-17 08:28 - 2017-01-17 08:30 - 08803648 _____ (Piriform Ltd) C:\Documents and Settings\doma\Dokumenty\ccsetup525.exe
2017-01-17 08:20 - 2017-01-17 08:20 - 00000000 ____D C:\Documents and Settings\doma\Local Settings\Data aplikací\Opera Software
2017-01-17 08:20 - 2017-01-17 08:20 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\Opera Software
2017-01-17 08:19 - 2017-01-17 08:20 - 00000392 _____ C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1484637572.job
2017-01-17 08:19 - 2017-01-17 08:19 - 00000675 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera.lnk
2017-01-17 08:16 - 2017-01-17 08:20 - 00000000 ____D C:\Program Files\Opera
2017-01-14 10:57 - 2017-01-14 10:57 - 00000000 ____D C:\Documents and Settings\adel\Local Settings\Data aplikací\Adobe
2017-01-14 10:57 - 2017-01-14 10:57 - 00000000 ____D C:\Documents and Settings\adel\Data aplikací\Adobe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-17 09:21 - 2016-04-25 10:40 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-01-17 09:19 - 2016-04-25 09:42 - 00000000 ____D C:\Documents and Settings\doma\Local Settings\Temp
2017-01-17 09:12 - 2016-04-25 09:42 - 00000000 ___RD C:\Documents and Settings\doma\Dokumenty
2017-01-17 08:43 - 2016-04-25 09:42 - 00000000 ____D C:\Documents and Settings\doma
2017-01-17 08:37 - 2016-04-25 11:20 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2017-01-17 08:37 - 2016-04-25 11:20 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2017-01-17 08:37 - 2016-04-25 09:46 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-01-17 08:35 - 2016-04-25 12:51 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-17 08:35 - 2016-04-25 11:19 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2017-01-17 08:35 - 2016-04-25 09:41 - 00032584 ____N C:\WINDOWS\SchedLgU.Txt
2017-01-17 08:20 - 2016-04-25 09:42 - 00000000 __RHD C:\Documents and Settings\doma\Data aplikací
2017-01-17 08:20 - 2016-04-25 09:42 - 00000000 ___HD C:\Documents and Settings\doma\Local Settings\Data aplikací
2017-01-17 08:17 - 2016-04-25 09:42 - 00000000 ____D C:\Documents and Settings\doma\Plocha
2017-01-17 07:28 - 2016-04-30 09:57 - 00015360 _____ C:\Documents and Settings\doma\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-01-17 07:25 - 2016-11-25 20:04 - 00000000 ___RD C:\Documents and Settings\adel\Dokumenty\Hudba
2017-01-17 07:25 - 2016-11-25 20:04 - 00000000 ___RD C:\Documents and Settings\adel\Dokumenty
2017-01-17 07:21 - 2016-04-25 09:38 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp
2017-01-17 07:01 - 2016-04-27 06:07 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2017-01-17 06:53 - 2016-04-26 05:46 - 00000220 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2017-01-17 06:53 - 2016-04-25 10:40 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2017-01-17 06:53 - 2004-08-18 13:00 - 00012984 _____ C:\WINDOWS\system32\wpa.dbl
2017-01-17 06:51 - 2016-04-25 09:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-14 15:41 - 2016-11-25 20:04 - 00000178 ___SH C:\Documents and Settings\adel\ntuser.ini
2017-01-14 15:41 - 2016-04-25 11:52 - 00458752 _____ C:\WINDOWS\system32\config\ACS.evt
2017-01-14 15:40 - 2016-04-25 09:42 - 00000178 ___SH C:\Documents and Settings\doma\ntuser.ini
2017-01-14 15:38 - 2016-05-01 16:37 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\vlc
2017-01-14 15:21 - 2016-04-25 12:51 - 00000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-01-14 11:11 - 2016-11-25 20:04 - 00000000 ____D C:\Documents and Settings\adel\Local Settings\Temp
2017-01-14 11:08 - 2016-11-25 20:04 - 00000000 ____D C:\Documents and Settings\adel\Plocha
2017-01-14 10:57 - 2016-11-25 20:04 - 00000000 __RHD C:\Documents and Settings\adel\Data aplikací
2017-01-14 10:57 - 2016-11-25 20:04 - 00000000 ___HD C:\Documents and Settings\adel\Local Settings\Data aplikací
2017-01-07 12:56 - 2016-04-27 05:38 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Skype
2016-12-23 20:04 - 2016-11-25 21:53 - 00000000 ____D C:\Documents and Settings\adel\Data aplikací\vlc
2016-12-23 18:04 - 2016-11-25 21:49 - 00005632 _____ C:\Documents and Settings\adel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-23 16:07 - 2016-04-30 06:20 - 00000434 ____H C:\WINDOWS\Tasks\Norton Security Scan for doma.job
2016-12-22 11:44 - 2016-04-25 09:42 - 00000000 ___SD C:\Documents and Settings\doma\Data aplikací\Microsoft
2016-12-19 16:13 - 2016-05-11 15:54 - 00000000 ____D C:\Documents and Settings\Terka\Data aplikací\Skype
2016-12-19 16:07 - 2016-05-01 15:11 - 00000000 ____D C:\Documents and Settings\Terka\Local Settings\Temp
2016-12-19 15:48 - 2016-05-12 17:36 - 00000000 ____D C:\Documents and Settings\Terka\Data aplikací\Spotify
2016-12-19 15:19 - 2016-05-01 15:11 - 00000000 __SHD C:\Documents and Settings\Terka\Cookies
2016-12-19 14:54 - 2016-05-12 17:39 - 00000000 ____D C:\Documents and Settings\Terka\Local Settings\Data aplikací\Spotify
2016-12-19 14:53 - 2016-05-01 15:11 - 00000000 ___HD C:\Documents and Settings\Terka\Local Settings\Data aplikací
2016-12-19 14:51 - 2016-05-01 15:11 - 00000062 ___SH C:\Documents and Settings\Terka\Local Settings\desktop.ini

==================== Files in the root of some directories =======

2016-04-30 09:57 - 2017-01-17 07:28 - 0015360 _____ () C:\Documents and Settings\doma\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-27 05:52 - 2016-04-27 05:52 - 0000124 _____ () C:\Documents and Settings\doma\Local Settings\Data aplikací\fusioncache.dat

Some files in TEMP:
====================
C:\Documents and Settings\doma\Local Settings\Temp\AtiCimUn.exe
C:\Documents and Settings\doma\Local Settings\Temp\OperaSetup xp (1).exe
C:\Documents and Settings\doma\Local Settings\Temp\OperaSetup xp.exe
C:\Documents and Settings\doma\Local Settings\Temp\Opera_installer_20171171457827.dll
C:\Documents and Settings\doma\Local Settings\Temp\{ITE_AWSetup}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Zdravím zasílám,

# AdwCleaner v6.042 - Log vytvořen 18/01/2017 v 07:11:35
# Aktualizováno dne 06/01/2017 z Malwarebytes
# Databáze : 2017-01-17.2 [Místní]
# Operační systém : Microsoft Windows XP Service Pack 3 (X86)
# Uživatelské jméno : doma - DOMOV
# Spuštěno z : C:\Documents and Settings\doma\Plocha\adwcleaner_6.042.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support

***** [ Služby ] *****

***** [ Složky ] *****

***** [ Soubory ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Zástupci ] *****

***** [ Naplánované úlohy ] *****

***** [ Registry ] *****

***** [ Prohlížeče ] *****

*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1357 Bajty] - [17/01/2017 22:09:28]
C:\AdwCleaner\AdwCleaner[C2].txt - [897 Bajty] - [18/01/2017 07:11:35]
C:\AdwCleaner\AdwCleaner[S0].txt - [1607 Bajty] - [17/01/2017 22:07:20]
C:\AdwCleaner\AdwCleaner[S1].txt - [1541 Bajty] - [18/01/2017 07:06:55]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1115 Bajty] ##########

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\Documents and Settings\doma\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Documents and Settings\adel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Documents and Settings\doma\Local Settings\Temp

EmptyTemp:
End

Uložte do C:\Documents and Settings\doma\Local Settings\Temp\scoped_dir3092_18335 jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Zdravím,

doma => 102078340 B
Terka => 78786585 B
Adlos => 34813 B

RecycleBin => 248494015 B
EmptyTemp: => 567.9 MB temporary data Removed.

================================

Toto není ten log.

Rudy píše:Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x86) Version: 18-01-2017
Ran by doma (19-01-2017 11:53:01) Run:1
Running from C:\Documents and Settings\doma\Plocha
Loaded Profiles: doma (Available Profiles: doma)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\Documents and Settings\doma\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Documents and Settings\adel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Documents and Settings\doma\Local Settings\Temp

EmptyTemp:
End

*****************

IntelIde => Unable to stop service.
HKLM\System\CurrentControlSet\Services\IntelIde => key removed successfully.
IntelIde => service removed successfully.
HKLM\System\CurrentControlSet\Services\WS2IFSL => key removed successfully.
WS2IFSL => service removed successfully.
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job" => not found.
"C:\Documents and Settings\doma\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini" => not found.
"C:\Documents and Settings\adel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini" => not found.
"C:\Documents and Settings\doma\Local Settings\Temp" => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 9325 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 23734 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/dllcache/drivers => 412211 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 47835416 B

Temp, IE cache, history, cookies, recent:
Documents and Settings => 0 B
Default User => 0 B
All Users => 0 B
systemprofile => 0 B
LocalService => 904 B
NetworkService => 0 B
doma => 5287891 B

RecycleBin => 38079426 B
EmptyTemp: => 87.4 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 11:53:30 ====

Smazáno. Nastala nějaká změna?

Zdravím,
super. Díky moc

Nemáte zač!

VIRY.CZ

Prosím o kontrolu

Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu