VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-03-2020
Ran by Dušan (administrator) on DUŠAN-PC (Acer Aspire 3690) (04-04-2020 17:47:13)
Running from C:\Users\Dušan\Desktop
Loaded Profiles: Dušan (Available Profiles: Dušan)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit Information Technology -> IObit) C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
(IObit Information Technology -> IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit Information Technology -> IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\67.0.3575.115\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\67.0.3575.115\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\67.0.3575.115\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\67.0.3575.115\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\67.0.3575.115\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\67.0.3575.115\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\67.0.3575.115\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\67.0.3575.115\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\67.0.3575.115\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\67.0.3575.115\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\67.0.3575.115\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\67.0.3575.115\opera_crashreporter.exe
(Seznam.cz, a.s. -> ) C:\Users\Dušan\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [3024920 2020-03-27] (Opera Software AS -> Opera Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-530079562-2313805981-1276691295-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Dušan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-530079562-2313805981-1276691295-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Dušan\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-530079562-2313805981-1276691295-1001\...\Run: [Skype for Desktop] => C:\Program Files\Microsoft\Skype for Desktop\Skype.exe [91584872 2020-03-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-530079562-2313805981-1276691295-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-530079562-2313805981-1276691295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04042020153216012\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Dušan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-530079562-2313805981-1276691295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04042020153216012\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Dušan\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-530079562-2313805981-1276691295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04042020153216012\...\Run: [Skype for Desktop] => C:\Program Files\Microsoft\Skype for Desktop\Skype.exe [91584872 2020-03-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-530079562-2313805981-1276691295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04042020153216012\...\Run: [Advanced SystemCare Ultimate] => "C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /Auto
HKU\S-1-5-21-530079562-2313805981-1276691295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04042020153216012\...\Policies\Explorer: [NolowDiskSpaceChecks] 1

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05D110C2-7A39-4F6D-AA7D-B0880DC42D7B} - System32\Tasks\Driver Booster Scheduler => C:\Program Files\IObit\Driver Booster\7.1.0\Scheduler.exe [149776 2019-11-14] (IObit Information Technology -> IObit)
Task: {07FF58C3-B987-47A3-80FE-38DF53B53AAB} - System32\Tasks\Opera scheduled Autoupdate 1500969307 => C:\Program Files\Opera\launcher.exe [1355800 2020-03-27] (Opera Software AS -> Opera Software)
Task: {12C4B599-398C-44A3-8AC6-CE34CA79B448} - System32\Tasks\IMF_SkipUAC_Dušan => C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [5151504 2019-10-12] (IObit Information Technology -> IObit)
Task: {1F9897FB-6C13-4068-B530-39E235F24607} - System32\Tasks\{6E7CE394-DB95-4F86-A541-0C40C2F0A31C} => D:\aser\Camera_Bison_v5.0.0.10\Setup.exe [168448 2001-09-05] (InstallShield Software Corporation) [File not signed]
Task: {2779FB69-74FD-4889-BD76-99A7C9F41B9E} - System32\Tasks\Opera scheduled assistant Autoupdate 1580109408 => C:\Program Files\Opera\launcher.exe [1355800 2020-03-27] (Opera Software AS -> Opera Software)
Task: {2AB5132F-5A02-4726-88DF-C1F0BC328E59} - System32\Tasks\Software Updater Scheduler => C:\Program Files\IObit\Software Updater\SUInit.exe [1791248 2019-08-16] (IObit Information Technology -> IObit Software updater) <==== ATTENTION
Task: {2C59ECAF-3A27-4640-9F4B-519B05BDD70F} - \Microsoft\Windows\MUI\LPRemove -> No File <==== ATTENTION
Task: {36E05F95-45C0-4381-BFB9-DB3E5F58663B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1410152 2020-02-28] (Avast Software s.r.o. -> Avast Software)
Task: {4834E3D4-D73A-49D5-AC1A-9B3E83728E8B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-07-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {612D1E5E-BC96-403B-BBF8-D8E003782BDA} - System32\Tasks\Driver Booster SkipUAC (Dušan) => C:\Program Files\IObit\Driver Booster\7.1.0\DriverBooster.exe [7757072 2019-11-14] (IObit Information Technology -> IObit)
Task: {65445682-F156-4495-B3A1-D798FAD6EA07} - System32\Tasks\SU_AutoUpdate => C:\Program Files\IObit\Software Updater\SoftwareUpdater.exe [4177680 2019-08-23] (IObit Information Technology -> IObit)
Task: {7423E44B-0931-42DC-AAC4-C71114A12A3D} - System32\Tasks\ISU3 Pre Task (One-Time) => C:\Program Files\IObit\Software Updater\prepop.exe [2120976 2020-03-27] (IObit Information Technology -> IObit)
Task: {778AAF4D-479F-4C87-9992-805E9E43D19F} - System32\Tasks\{8859F1D9-B7CB-47D6-8AFB-4BBC416CCF89} => D:\aser\Camera_Bison_v5.0.0.10\Setup.exe [168448 2001-09-05] (InstallShield Software Corporation) [File not signed]
Task: {83E9F544-4F39-4D27-BDAB-87151FC92C71} - System32\Tasks\{CC553340-6672-4BC0-B594-F5BE2C429E36} => D:\aser\Camera_Bison_v5.0.0.10\Setup.exe [168448 2001-09-05] (InstallShield Software Corporation) [File not signed]
Task: {9DA9393B-7CC5-416F-81B7-29CF1E179DB4} - System32\Tasks\Uninstaller_SkipUac_Dušan => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [5900560 2019-08-27] (IObit Information Technology -> IObit)
Task: {ABEBE8E9-0CF8-4241-B10D-53C491F914B1} - System32\Tasks\{79E8EAB9-48CC-4886-9E66-00E0543E7DCB} => D:\aser\Camera_Bison_v5.0.0.10\Setup.exe [168448 2001-09-05] (InstallShield Software Corporation) [File not signed]
Task: {BD2FE11A-18FC-4D9C-9739-A1E7030F58F1} - System32\Tasks\Software Updater SkipUAC(Dušan) => C:\Program Files\IObit\Software Updater\SoftwareUpdater.exe [4177680 2019-08-23] (IObit Information Technology -> IObit) <==== ATTENTION
Task: {F494142C-49D6-49FC-9AB0-7ADA2EC9E792} - System32\Tasks\{D31D95B3-B817-45D1-9BD1-157A6AC627E1} => C:\Program Files\Opera\launcher.exe [1355800 2020-03-27] (Opera Software AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{75E330F7-8AAE-4F18-B93E-89795EAEAB04}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-530079562-2313805981-1276691295-1001 -> {22A5E7B8-C347-431C-A907-E79CFBBCCE81} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-530079562-2313805981-1276691295-1001 -> {35774986-93D9-4F12-BF1C-9FE0B06E1D00} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-530079562-2313805981-1276691295-1001 -> {42366311-28D7-494B-A6D0-96BD81FCDD14} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-530079562-2313805981-1276691295-1001 -> {45577F3D-726B-4F4E-917A-D3968336AB87} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-530079562-2313805981-1276691295-1001 -> {616B326E-BCCD-4158-BD96-FFE233D60A73} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-530079562-2313805981-1276691295-1001 -> {A92C7A80-E4B5-4777-97D5-19EE6379429E} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-530079562-2313805981-1276691295-1001 -> {D1595B73-A395-4F4A-9689-41B100A1856C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-530079562-2313805981-1276691295-1001 -> {E35EB041-30B1-4B98-B44B-686D623B5AE4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-530079562-2313805981-1276691295-1001 -> {E714C401-C8BC-4740-A2E0-FD6A4C04F9B2} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-530079562-2313805981-1276691295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04042020153216012 -> {22A5E7B8-C347-431C-A907-E79CFBBCCE81} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-530079562-2313805981-1276691295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04042020153216012 -> {35774986-93D9-4F12-BF1C-9FE0B06E1D00} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-530079562-2313805981-1276691295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04042020153216012 -> {42366311-28D7-494B-A6D0-96BD81FCDD14} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-530079562-2313805981-1276691295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04042020153216012 -> {45577F3D-726B-4F4E-917A-D3968336AB87} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-530079562-2313805981-1276691295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04042020153216012 -> {616B326E-BCCD-4158-BD96-FFE233D60A73} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-530079562-2313805981-1276691295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04042020153216012 -> {A92C7A80-E4B5-4777-97D5-19EE6379429E} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-530079562-2313805981-1276691295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04042020153216012 -> {D1595B73-A395-4F4A-9689-41B100A1856C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-530079562-2313805981-1276691295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04042020153216012 -> {E35EB041-30B1-4B98-B44B-686D623B5AE4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-530079562-2313805981-1276691295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04042020153216012 -> {E714C401-C8BC-4740-A2E0-FD6A4C04F9B2} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2019-06-20] (IObit Information Technology -> IObit)

Opera:
=======
OPR Notifications: hxxps://clarify.infocenter.support; hxxps://postovnezdarma.cz; hxxps://www.kupi.cz

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-16-2020
# Duration: 00:00:15
# OS: Windows 7 Professional
# Cleaned: 33
# Failed: 0

***** [ Services ] *****

Deleted IMFservice

***** [ Folders ] *****

Deleted C:\Program Files\Common Files\IObit\Advanced SystemCare
Deleted C:\Program Files\IObit\Advanced SystemCare
Deleted C:\Program Files\Seznam.cz
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
Deleted C:\Users\Dušan\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\Dušan\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\Dušan\AppData\Roaming\Seznam.cz
Deleted C:\Windows\System32\config\systemprofile\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05D110C2-7A39-4F6D-AA7D-B0880DC42D7B}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{11D592E5-548C-47B1-BC6B-68F6D497D7F8}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{886A4B04-2830-4689-937B-FA5DF749A1C2}
Deleted HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
Deleted HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted HKLM\Software\IOBIT\ASC
Deleted HKLM\Software\IObit\Advanced SystemCare
Deleted HKLM\Software\IObit\RealTimeProtector
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4599 octets] - [16/04/2020 11:11:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Dejte nové logy FRST+Addition.

VIRY.CZ

Prosim o kontrolu pomaly pocitac

Prosim o kontrolu pomaly pocitac

Re: Prosim o kontrolu pomaly pocitac

Re: Prosim o kontrolu pomaly pocitac

Re: Prosim o kontrolu pomaly pocitac