Behavior: Firefox seems to run better, but a new problem has appeared: svchost.exe eats 50% CPU. I killed the process manually and then Firefox froze. After being killed, svchost does not start again (or rather it starts again but no longer eats 50%) and everything seems to run OK until the next reboot.
Also, after every system startup an error from the Mbam program pops up automatically - the version that is installed incorrectly. I would need to either uninstall it completely (which does not work via uninstall, it throws an error) or at least set it so that the program does not try to start after Windows boots. I looked in msconfig under "Startup" and did not find any mbam-related process there..
Please check - slow Firefox (Solved)
- jaro3
- Security team member
Re: Please check - slow Firefox
svchost.exe has to be running for every process; what do you have running when the CPU usage goes up?
Update Java:
http://www.oracle.com/technetwork/java/ ... 33155.html
Java SE Runtime Environment 8
Click Accept License Agreement
Choose your OS (Windows or Windows x64, Offline Installation)
jre-8-windows-i586-p.exe or
jre-8-windows-x64.exe
Download and install it.
Remove the other Java versions in Add/Remove Programs.
MBAM:
Download and install Revo Uninstaller Free
http://www.revouninstaller.com/start_fr ... nload.html
Double-click Revo Uninstaller to run it.
Check whether Malwarebytes is in the list of programs.
In the list of programs, double-click the program to remove it.
When prompted whether you want to uninstall, click Yes.
Make sure the Moderate option is selected, then click Next.
The program will run; if prompted again, click Yes.
When the built-in uninstaller has finished, click Next.
Once the program has searched for leftovers, click Next.
Check only the bolded items in the list, then click Delete.
When prompted, click Yes and then Next.
Check all the folders that are found and choose the delete option.
When prompted, select Yes, then Next.
When done, click Finish.
Sophos Virus Removal Tool is a handy software tool that could remove infections that your antivirus program does not detect.
Download it here from one of the links:
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html
Viruses can slow down your computer or try to steal your data without you even knowing you have them. What you need is a quick and easy way to find them and get rid of them. If you already have an antivirus program installed on your computer, you can also install Sophos Virus Removal Tool, which identifies and cleans up remaining infections that your antivirus program may have missed.
To use Sophos Virus Removal Tool, double-click it and press the "Start scanning" button. Sophos Virus Removal Tool will then search for and remove the viruses it finds. A restart may be required.
Download Zemana AntiMalware Free from this link:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
and save it to your desktop.
Double-click the file on the desktop and follow the instructions to install the program.
Accept the program's license (EULA) if it is offered.
If a program update is available, click the "Update now" button.
At the end, click the Settings button (the gear in the corner) > Advanced > ""
- "I have read the warning and wish to proceed anyway .....
Check Auto Launch
Uncheck Auto upload
Check All Browser Extensions
Smart scan setting as a replacement for the deep scan
Close all open files, folders and browsers.
Click the Scan now button and the threat scan will start.
When the scan is finished, a report will appear; copy the entire content of that report here.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum
Re: Please check - slow Firefox
svchost starts by itself right after Windows loads and immediately eats 50% CPU. As I wrote, if I kill the process manually via Task Manager, everything is then fine (that is, until the next restart).
Btw there are 7 instances of svchost.exe in Task Manager in total - but I know that is common on other Windows systems too. Two run as "network service", two as "local service" and four as "system" - of the system ones, one runs at that 50% CPU, all the others are at zero.
There is a problem with Java - if I download the given version from the link you posted, the installation fails with an error (maybe there is no support for XP?). A tray icon for the Java update blinks in the taskbar; after clicking it, in English: The program cannot download the required files (the internet connection is of course OK).
I successfully uninstalled Mbam using Revo.
Zemana finished the scan and after clicking Next I expected the report to be shown; instead it started repairing automatically, so sorry about that.
Re: Please check - slow Firefox
Zemana AntiMalware 2.50.2.92 (Installed)
-------------------------------------------------------
Scan Result : Completed
Scan Date : 2016.10.4
Operating System : Windows XP 32-bit
Processor : 2X Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
BIOS Mode : Legacy
CUID : 14C782855B44449EB605DA
Scan Type : Smart Scan
Duration : 29m 10s
Scanned Objects : 63115
Detected Objects : 18
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Disabled
Detect All Extensions : Enabled
Scan Documents : Disabled
Domain Info : SKUPINA,0,2
Detected Objects
-------------------------------------------------------
Tabs Hijack (System)
Status : Scanned
Object : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\Tabs
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Setting
Cleaning Action : Repair
Related Objects :
Registry Entry - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\Tabs
= about:newtab
Firefox Search
Status : Scanned
Object : mylucky123 - http://mylucky123.com
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Firefox Search
Firefox Search
Status : Scanned
Object : mylucky123 - http://mylucky123.com
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Firefox Search
{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
Status : Scanned
Object :
%appdata%\mozilla\firefox\profiles\6hdvf7qt.default\extensions\{fbf6d7fb-f305-4445-bb3d-f
ef66579a033}.xpi
MD5 : 64A39DF9CBF7B13507101D4E3190E505
Publisher : -
Size : 81656
Version : -
Detection : Browser Extension
Cleaning Action : Repair
Related Objects :
Browser Extension - {FBF6D7FB-F305-4445-BB3D-FEF66579A033}
File -
%appdata%\mozilla\firefox\profiles\6hdvf7qt.default\extensions\{fbf6d7fb-f305-4445-bb3d-f
ef66579a033}.xpi
{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Status : Scanned
Object :
%appdata%\mozilla\firefox\profiles\6hdvf7qt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2
b9879e08c5d}.xpi
MD5 : B6F0DE7FEB9A69F0E337AB58BDF0C5AA
Publisher : -
Size : 1036367
Version : -
Detection : Browser Extension
Cleaning Action : Repair
Related Objects :
Browser Extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
File -
%appdata%\mozilla\firefox\profiles\6hdvf7qt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2
b9879e08c5d}.xpi
{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
Status : Scanned
Object :
%appdata%\mozilla\firefox\profiles\6hdvf7qt.default\extensions\{bee6eb20-01e0-ebd1-da83-0
80329fb9a3a}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Browser Extension
Cleaning Action : Repair
Related Objects :
Browser Extension - {bee6eb20-01e0-ebd1-da83-080329fb9a3a}
jid0-zXo3XFGyiDalgkeEO4UYJTUwo2I@jetpack
Status : Scanned
Object :
%appdata%\mozilla\firefox\profiles\6hdvf7qt.default\extensions\jid0-zxo3xfgyidalgkeeo4uyj
tuwo2i@jetpack.xpi
MD5 : 43D6453B8DB067113182031CA59A6517
Publisher : -
Size : 32430
Version : -
Detection : Browser Extension
Cleaning Action : Repair
Related Objects :
Browser Extension - jid0-zXo3XFGyiDalgkeEO4UYJTUwo2I@jetpack
File -
%appdata%\mozilla\firefox\profiles\6hdvf7qt.default\extensions\jid0-zxo3xfgyidalgkeeo4uyj
tuwo2i@jetpack.xpi
firefox-hotfix@mozilla.org
Status : Scanned
Object :
%appdata%\mozilla\firefox\profiles\6hdvf7qt.default\extensions\firefox-hotfix@mozilla.org
.xpi
MD5 : 2CC7CB51551F1F03AE356E07593E970E
Publisher : -
Size : 23373
Version : -
Detection : Browser Extension
Cleaning Action : Repair
Related Objects :
Browser Extension - firefox-hotfix@mozilla.org
File -
%appdata%\mozilla\firefox\profiles\6hdvf7qt.default\extensions\firefox-hotfix@mozilla.org
.xpi
abs@avira
Status : Scanned
Object :
%appdata%\mozilla\firefox\profiles\6hdvf7qt.default\extensions\abs@avira.com
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Browser Extension
Cleaning Action : Repair
Related Objects :
Browser Extension - abs@avira
Default
Status : Scanned
Object : %programfiles%\mozilla
firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
MD5 : B27916DB5C67310785DC029266E460CD
Publisher : -
Size : 4854
Version : -
Detection : Browser Extension
Cleaning Action : Repair
Related Objects :
Browser Extension - Default
File - %programfiles%\mozilla
firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Web Compat
Status : Scanned
Object : %programfiles%\mozilla
firefox\browser\features\webcompat@mozilla.org.xpi
MD5 : 164B22FC3D9B9290AAA7BE0E5E534EBD
Publisher : -
Size : 1073
Version : -
Detection : Browser Extension
Cleaning Action : Repair
Related Objects :
Browser Extension - Web Compat
File - %programfiles%\mozilla
firefox\browser\features\webcompat@mozilla.org.xpi
Pocket
Status : Scanned
Object : %programfiles%\mozilla
firefox\browser\features\firefox@getpocket.com.xpi
MD5 : 11FA99404D84CE33B50565D9C4CA211C
Publisher : -
Size : 671525
Version : -
Detection : Browser Extension
Cleaning Action : Repair
Related Objects :
Browser Extension - Pocket
File - %programfiles%\mozilla
firefox\browser\features\firefox@getpocket.com.xpi
Multi-process staged rollout
Status : Scanned
Object : %programfiles%\mozilla
firefox\browser\features\e10srollout@mozilla.org.xpi
MD5 : 9F472EB4855CEAC9B6D56685A8B65A84
Publisher : -
Size : 2584
Version : -
Detection : Browser Extension
Cleaning Action : Repair
Related Objects :
Browser Extension - Multi-process staged rollout
File - %programfiles%\mozilla
firefox\browser\features\e10srollout@mozilla.org.xpi
Avast Online Security
Status : Scanned
Object : %programfiles%\avast software\avast\webrep\ff
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Browser Extension
Cleaning Action : Repair
Related Objects :
Browser Extension - Avast Online Security
Avast SafePrice
Status : Scanned
Object : %programfiles%\avast software\avast\safeprice\ff
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Browser Extension
Cleaning Action : Repair
Related Objects :
Browser Extension - Avast SafePrice
Microsoft .NET Framework Assistant
Status : Scanned
Object : %systemroot%\microsoft.net\framework\v3.5\windows presentation
foundation\dotnetassistantextension
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Browser Extension
Cleaning Action : Repair
Related Objects :
Browser Extension - Microsoft .NET Framework Assistant
MSNLNamespaceMgr.dll
Status : Scanned
Object : %programfiles%\windows desktop search\msnlnamespacemgr.dll
MD5 : 994AD0D8550B8B26990A6E3AA0791502
Publisher : -
Size : 304128
Version : 7.0.6001.18260
Detection : Adware:Win32/ShellHook-DJ!Intr
Cleaning Action : Delete
Related Objects :
Registry Entry -
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{56F9679E-7826-
4C84-81F3-532071A8BCC5} = C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll
File - %programfiles%\windows desktop search\msnlnamespacemgr.dll
etpfd9.bat
Status : Scanned
Object : NE->c:\program files\6rbfba\etpfd9.bat
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/Trotux.B!Neng
Cleaning Action : Quarantine
Related Objects :
(null) - (null)
Cleaning Result
-------------------------------------------------------
Cleaned : 16
Reported as safe : 0
Failed : 2
Failed Objects
-------------------------------------------------------
Avast SafePrice
Status : Scanned
Object : %programfiles%\avast software\avast\safeprice\ff
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Browser Extension
Cleaning Action : Repair
Related Objects :
Browser Extension - Avast SafePrice
Avast Online Security
Status : Scanned
Object : %programfiles%\avast software\avast\webrep\ff
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Browser Extension
Cleaning Action : Repair
Related Objects :
Browser Extension - Avast Online Security
- jaro3
- Security team member
Re: Please check - slow Firefox
It is OK.
Please download the version of Farbar Recovery Scan Tool (FRST) appropriate for your system (32-bit/64-bit)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will be shown, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire content here.
Re: Please check - slow Firefox
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2016
Ran by ets (administrator) on VASICZEE-7DF074 (04-10-2016 20:10:38)
Running from C:\Documents and Settings\ets\Plocha
Loaded Profiles: ets (Available Profiles: ets)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Zemana Ltd.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Zemana Ltd.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Realtek Semiconductor Corp.) C:\DOCUME~1\ets\LOCALS~1\temp\RtkBtMnt.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel Corporation) C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [DWPersistentQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [434528 2006-10-26] (Microsoft Corporation)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16248320 2006-06-28] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SkyTel] => C:\WINDOWS\SkyTel.EXE [2879488 2006-05-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AzMixerSel] => C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248 2005-12-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [667718 2006-04-14] (Intel Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [602182 2006-04-14] (Intel Corporation)
HKLM\...\Run: [EOUApp] => C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [569413 2006-04-14] (Intel Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107616 2016-09-12] (AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252136 2011-05-04] (Sun Microsystems, Inc.)
HKLM\...\Run: [ZAM] => C:\Program Files\Zemana AntiMalware\ZAM.exe [13812464 2016-09-30] (Zemana Ltd.)
HKU\S-1-5-21-790525478-57989841-1644491937-1004\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3281600 2016-03-03] (Disc Soft Ltd)
HKU\S-1-5-18\...\Run: [KB976002-v5] => C:\WINDOWS\system32\advpack.dll [128512 2016-07-27] (Microsoft Corporation)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-08-21] (AVAST Software)
BootExecute: autocheck autochk * bootdelete
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{196D062F-E810-4CBF-868F-9E8F0641C4A7}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-790525478-57989841-1644491937-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-790525478-57989841-1644491937-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-21-790525478-57989841-1644491937-1004 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-08-21] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-07-28] (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 6hdvf7qt.default
FF ProfilePath: C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default [2016-10-04]
FF NewTab: C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default -> about:newtab
FF DefaultSearchEngine: C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default -> Google
FF DefaultSearchUrl: C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default -> hxxps://www.google.com/search?bcutc=sp-006
FF SearchEngineOrder.1: C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default -> Google
FF SelectedSearchEngine: C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default -> Google
FF Keyword.URL: C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default -> hxxps://www.google.com/search?bcutc=sp-006
FF NetworkProxy: C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default -> type", 0
FF Extension: (Adblock Plus) - C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-04]
FF Extension: (Multirow Bookmarks Toolbar) - C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default\Extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}.xpi [2016-10-04]
FF SearchPlugin: C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default\searchplugins\google-avast.xml [2016-08-11]
FF ProfilePath: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default [2016-09-29]
FF NewTab: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default -> about:newtab
FF DefaultSearchEngine: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default -> Google
FF DefaultSearchUrl: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default -> hxxps://www.google.com/search?bcutc=sp-006
FF SearchEngineOrder.1: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default -> Google
FF SelectedSearchEngine: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default -> Google
FF Homepage: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default -> hxxp://www.searchinme.com/?type=hp&ts=1 ... MHEGK2MHEX
FF Keyword.URL: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default -> hxxps://www.google.com/search?bcutc=sp-006
FF NetworkProxy: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default -> type", 0
FF Extension: (SimilarWeb) - C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\Extensions\@DA3566E2-F709-11E5-8E87-A604BC8E7F8B.xpi [2016-09-29] [not signed]
FF Extension: (FF Adr) - C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2016-09-29] [not signed]
FF Extension: (Avira Browser Safety) - C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\Extensions\abs@avira.com [2016-09-20]
FF Extension: (Ant Video Downloader) - C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\Extensions\anttoolbar@ant.com [2016-08-27]
FF Extension: (Firefox Hotfix) - C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-08]
FF Extension: (One Click Proxy) - C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\Extensions\jid0-zXo3XFGyiDalgkeEO4UYJTUwo2I@jetpack.xpi [2016-08-27]
FF Extension: (English (US) Language Pack) - C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2016-09-29] [not signed]
FF Extension: (Adblock Plus) - C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-07-27]
FF Extension: (Multirow Bookmarks Toolbar) - C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\Extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}.xpi [2016-07-27]
FF SearchPlugin: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\searchplugins\google-avast.xml [2016-08-11]
FF SearchPlugin: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\searchplugins\mylucky123.xml [2016-09-26]
FF SearchPlugin: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\searchplugins\searchinme.xml [2016-09-29]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension => not found
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-21]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-21]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-08-04] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll [2016-07-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll [2016-07-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-21] (AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1082560 2016-03-03] (Disc Soft Ltd) [File not signed]
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [114753 2006-04-14] (Intel Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [161664 2016-07-28] (Oracle Corporation)
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [217164 2006-04-14] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745 2006-04-14] (Intel Corporation ) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 ZAMSvc; C:\Program Files\Zemana AntiMalware\ZAM.exe [13812464 2016-09-30] (Zemana Ltd.)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21275 2016-07-27] (Meetinghouse Data Communications) [File not signed]
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [34008 2016-08-21] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [35096 2016-08-21] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [92256 2016-08-21] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [64272 2016-08-21] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [60424 2016-08-21] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [735488 2016-09-13] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433768 2016-09-22] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [184592 2016-08-21] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [66688 2016-08-21] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [224616 2016-08-21] (AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\DRIVERS\dtlitescsibus.sys [26168 2016-07-29] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\DRIVERS\dtliteusbbus.sys [40504 2016-07-29] (Disc Soft Ltd)
S1 DumpDrv; C:\WINDOWS\system32\Drivers\DumpDrv.sys [9472 2016-07-27] (Microsoft Corporation)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [39280 2016-08-24] ()
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-22] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-22] (Conexant Systems, Inc.)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [13568 2006-04-14] (Intel Corporation) [File not signed]
U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [24688 2016-10-01] ()
S3 UIUSys; C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS [6909 2006-06-09] (Conexant Systems, Inc) [File not signed]
R3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1429632 2006-04-04] (Intel® Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam32.sys [181496 2016-10-04] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard32.sys [181496 2016-10-04] (Zemana Ltd.)
S3 btaudio; system32\drivers\btaudio.sys [X]
S3 BTDriver; system32\DRIVERS\btport.sys [X]
S3 BTKRNL; system32\DRIVERS\btkrnl.sys [X]
S4 IntelIde; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-04 20:10 - 2016-10-04 20:11 - 00017684 _____ C:\Documents and Settings\ets\Plocha\FRST.txt
2016-10-04 20:10 - 2016-10-04 20:10 - 00000000 ____D C:\FRST
2016-10-04 20:09 - 2016-10-04 20:09 - 01754624 _____ (Farbar) C:\Documents and Settings\ets\Plocha\FRST.exe
2016-10-04 20:04 - 2016-10-04 20:04 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2016-10-04 05:06 - 2016-09-13 12:04 - 00000000 ____D C:\Konec prokrastinace
2016-10-04 02:07 - 2016-10-04 20:10 - 00042106 _____ C:\WINDOWS\ZAM.krnl.trace
2016-10-04 02:07 - 2016-10-04 20:10 - 00015216 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2016-10-04 02:07 - 2016-10-04 02:09 - 00000000 ____D C:\Program Files\Zemana AntiMalware
2016-10-04 02:07 - 2016-10-04 02:07 - 00181496 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard32.sys
2016-10-04 02:07 - 2016-10-04 02:07 - 00181496 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam32.sys
2016-10-04 02:07 - 2016-10-04 02:07 - 00001605 _____ C:\Documents and Settings\All Users\Plocha\Zemana AntiMalware.lnk
2016-10-04 02:07 - 2016-10-04 02:07 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Zemana
2016-10-04 02:07 - 2016-10-04 02:07 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Zemana AntiMalware
2016-10-04 02:06 - 2016-10-04 02:06 - 00000000 ____D C:\Documents and Settings\ets\Local Settings\Data aplikací\Zemana
2016-10-04 00:58 - 2016-10-04 00:58 - 00000432 _____ C:\Documents and Settings\ets\Nabídka Start\xnsw.lnk
2016-10-04 00:45 - 2016-10-04 00:45 - 00000000 ____D C:\rtmpdump
2016-10-03 23:59 - 2016-10-03 23:59 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Sophos
2016-10-03 23:58 - 2016-10-03 23:58 - 00001978 _____ C:\Documents and Settings\All Users\Plocha\Sophos Virus Removal Tool.lnk
2016-10-03 23:58 - 2016-10-03 23:58 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Sophos
2016-10-03 23:57 - 2016-10-03 23:57 - 00000000 ____D C:\Program Files\Sophos
2016-10-03 23:04 - 2016-10-03 23:04 - 00000882 _____ C:\Documents and Settings\All Users\Plocha\Revo Uninstaller.lnk
2016-10-03 23:04 - 2016-10-03 23:04 - 00000000 ____D C:\Program Files\VS Revo Group
2016-10-03 23:04 - 2016-10-03 23:04 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Revo Uninstaller
2016-10-03 20:52 - 2016-10-03 20:52 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Oracle
2016-10-03 20:12 - 2016-10-03 20:12 - 00000682 _____ C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2016-10-03 20:12 - 2016-10-03 20:12 - 00000000 ____D C:\Program Files\CCleaner
2016-10-03 20:12 - 2016-10-03 20:12 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
2016-10-02 10:41 - 2016-10-03 20:59 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2016-10-02 10:41 - 2016-10-02 10:41 - 00000000 ____D C:\Documents and Settings\Default User\Local Settings\temp
2016-10-02 10:33 - 2016-10-04 20:11 - 00000000 ____D C:\Documents and Settings\ets\Local Settings\temp
2016-10-02 06:17 - 2016-10-02 06:17 - 00000000 ___RD C:\Documents and Settings\ets\Nabídka Start\Programy\Nástroje pro správu
2016-10-02 06:17 - 2016-10-02 06:17 - 00000000 ___RD C:\Documents and Settings\All Users\Dokumenty\Filmy
2016-10-02 06:16 - 2016-10-03 20:22 - 00000000 ____D C:\WINDOWS\erdnt
2016-10-02 00:13 - 2016-10-01 23:52 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-10-01 23:52 - 2016-10-02 00:08 - 00000000 ____D C:\zoek_backup
2016-10-01 03:47 - 2016-10-04 04:47 - 00001159 _____ C:\Documents and Settings\ets\Plocha\.Stopwatch.ini
2016-09-30 23:03 - 2016-10-01 22:31 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-09-30 23:02 - 2016-10-01 23:51 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\RogueKiller
2016-09-30 23:02 - 2016-09-30 23:02 - 00000718 _____ C:\Documents and Settings\All Users\Plocha\RogueKiller.lnk
2016-09-30 23:02 - 2016-09-30 23:02 - 00000000 ____D C:\Program Files\RogueKiller
2016-09-30 23:02 - 2016-09-30 23:02 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\RogueKiller
2016-09-30 21:41 - 2016-09-30 21:41 - 00000000 ____D C:\Documents and Settings\ets\Data aplikací\Malwarebytes
2016-09-30 10:36 - 2016-10-04 02:00 - 00000338 _____ C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-VASICZEE-7DF074-ets.job
2016-09-30 09:44 - 2016-09-30 09:44 - 00000854 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Photoshop CS6.lnk
2016-09-30 09:41 - 2016-09-30 09:41 - 00000816 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Bridge CS6.lnk
2016-09-30 09:37 - 2016-09-30 09:37 - 00001144 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe ExtendScript Toolkit CS6.lnk
2016-09-30 09:37 - 2016-09-30 09:37 - 00001000 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Extension Manager CS6.lnk
2016-09-29 12:33 - 2016-09-29 12:33 - 00587400 _____ (dnSoft Research Group) C:\Documents and Settings\ets\Plocha\xnsw.exe
2016-09-29 12:12 - 2016-09-29 12:12 - 00273812 _____ C:\Documents and Settings\ets\Plocha\Abby C (Angelica_ Ebbi Krystal Boyd_ Abbie_ Abbey_ Masha Roofkina_ Anjelica_ Abby) (Straight_ All Sex_ Anal_ DP) MegaPack _ 206 _.torrent
2016-09-29 12:00 - 2016-09-29 12:00 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-09-29 12:00 - 2016-09-29 12:00 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-09-29 10:39 - 2016-09-29 10:39 - 00000000 ____D C:\Documents and Settings\ets\Local Settings\Data aplikací\Firefox
2016-09-29 10:37 - 2016-09-29 10:37 - 00000000 ____D C:\Documents and Settings\ets\Data aplikací\Firefox
2016-09-29 10:29 - 2016-09-29 11:19 - 00000000 _____ C:\Documents and Settings\All Users\Dokumenty\report.dat
2016-09-29 10:27 - 2016-09-29 10:29 - 00000003 _____ C:\WINDOWS\system32\xaa
2016-09-27 22:50 - 2016-09-27 23:22 - 00028621 _____ C:\Documents and Settings\ets\Plocha\2016_10_Ostraha_Rozpis služeb.xlsx
2016-09-24 01:00 - 2016-09-24 01:01 - 00003290 _____ C:\Documents and Settings\ets\Plocha\Why is it so hard for women to admit they like douche bags.txt
2016-09-23 00:13 - 2016-09-23 02:29 - 00002945 _____ C:\Documents and Settings\ets\Plocha\chicks tricks.txt
2016-09-22 15:58 - 2016-09-22 15:58 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Temp
2016-09-22 09:05 - 2016-09-22 09:05 - 00000218 _____ C:\Documents and Settings\ets\.recently-used.xbel
2016-09-22 09:00 - 2016-09-22 09:01 - 00000000 ____D C:\Documents and Settings\ets\.mp3splt-gtk
2016-09-22 08:59 - 2016-09-22 08:59 - 00000000 ____D C:\Program Files\mp3splt-gtk
2016-09-22 08:59 - 2016-09-22 08:59 - 00000000 ____D C:\Documents and Settings\ets\Nabídka Start\Programy\mp3splt-gtk
2016-09-13 04:35 - 2016-09-13 04:35 - 02446877 _____ C:\Documents and Settings\ets\Plocha\Louie on FX - Ricky Gervais as Louies Doctor - YouTube.webm
2016-09-13 04:32 - 2016-09-13 04:32 - 07916971 _____ C:\Documents and Settings\ets\Plocha\Louis CK and Ricky Gervais in hospital - YouTube.webm
2016-09-13 04:31 - 2016-09-13 04:31 - 18912303 _____ C:\Documents and Settings\ets\Plocha\Louis CK Ricky Gervais in episode 3 of LOUIE on FX TUESDAYS 11pm - YouTube.webm
2016-09-13 00:05 - 2016-10-02 05:52 - 00000018 _____ C:\Documents and Settings\ets\Plocha\ulozto filmky.txt
2016-09-10 23:58 - 2016-09-10 23:58 - 00001569 _____ C:\Documents and Settings\All Users\Plocha\Anno 1503 AD.lnk
2016-09-10 22:59 - 2016-09-10 22:59 - 26200790 _____ C:\Documents and Settings\ets\Plocha\No Gym Full Body Workout - YouTube.webm
2016-09-09 08:55 - 2016-09-09 08:55 - 00000000 ____D C:\Documents and Settings\ets\Data aplikací\eCyber
2016-09-07 03:00 - 2016-09-07 03:00 - 00001018 _____ C:\Documents and Settings\All Users\Plocha\Free Video Cutter Joiner.lnk
2016-09-07 03:00 - 2016-09-07 03:00 - 00000000 ____D C:\Program Files\DVDVideoMedia
2016-09-07 03:00 - 2016-09-07 03:00 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\DVDVideoMedia
2016-09-07 02:50 - 2016-09-07 02:50 - 00000000 ____D C:\Documents and Settings\ets\Data aplikací\Jfuse
2016-09-06 00:00 - 2016-09-07 02:55 - 00000000 ____D C:\Program Files\3GP Cutter
2016-09-05 22:22 - 2016-09-05 22:22 - 00000000 ___RD C:\Documents and Settings\ets\Dokumenty\Filmy
2016-09-05 22:21 - 2016-09-05 22:21 - 00000729 _____ C:\Documents and Settings\All Users\Plocha\ABC 3GP Converter.lnk
2016-09-05 22:21 - 2016-09-05 22:21 - 00000000 ____D C:\Program Files\ABC 3GP Converter
2016-09-05 22:21 - 2016-09-05 22:21 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\ABC 3GP Converter
2016-09-05 12:12 - 2016-09-22 10:02 - 00005866 _____ C:\Documents and Settings\ets\Plocha\motiv.m3u
2016-09-04 13:02 - 2016-09-29 05:23 - 00000000 ____D C:\ppp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-04 20:10 - 2016-07-27 20:07 - 00000000 ____D C:\Documents and Settings\ets\Plocha
2016-10-04 20:05 - 2016-08-19 04:29 - 00000000 _____ C:\WINDOWS\system32\last.dump
2016-10-04 19:57 - 2016-08-21 00:56 - 00000358 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2016-10-04 19:56 - 2016-08-21 01:13 - 00000476 _____ C:\WINDOWS\Tasks\SafeZone scheduled Autoupdate 1471734788.job
2016-10-04 19:56 - 2016-07-27 20:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-04 06:14 - 2016-07-27 20:06 - 00032604 _____ C:\WINDOWS\SchedLgU.Txt
2016-10-04 06:13 - 2016-07-27 20:07 - 00000178 ___SH C:\Documents and Settings\ets\ntuser.ini
2016-10-04 06:13 - 2016-07-27 20:07 - 00000000 ____D C:\Documents and Settings\ets
2016-10-04 05:59 - 2016-07-27 22:10 - 00000000 ____D C:\Documents and Settings\ets\Data aplikací\uTorrent
2016-10-04 05:18 - 2016-08-28 01:39 - 00000000 ____D C:\Documents and Settings\ets\Local Settings\Data aplikací\JDownloader 2.0
2016-10-04 02:41 - 2016-07-27 19:42 - 00000000 ____D C:\Program Files\Windows Desktop Search
2016-10-04 02:16 - 2016-08-28 20:02 - 00000000 ____D C:\Documents and Settings\ets\Data aplikací\vlc
2016-10-04 02:07 - 2016-07-27 21:36 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2016-10-04 02:07 - 2016-07-27 21:36 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2016-10-04 02:07 - 2016-07-27 20:06 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2016-10-04 02:06 - 2016-07-27 20:07 - 00000000 ___HD C:\Documents and Settings\ets\Local Settings\Data aplikací
2016-10-04 02:00 - 2016-07-27 21:24 - 00000000 ____D C:\Documents and Settings\ets\Local Settings\Data aplikací\Adobe
2016-10-04 01:00 - 2016-07-27 20:07 - 00000000 ___RD C:\Documents and Settings\ets\Nabídka Start
2016-10-03 23:59 - 2016-07-27 21:36 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2016-10-03 20:59 - 2016-07-27 21:35 - 03604936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-03 20:54 - 2016-07-27 20:07 - 00000000 __RHD C:\Documents and Settings\ets\Data aplikací
2016-10-03 20:54 - 2016-07-27 20:01 - 00000000 ____D C:\Program Files\Java
2016-10-03 20:17 - 2016-07-29 20:51 - 00000000 ____D C:\Documents and Settings\ets\Data aplikací\DAEMON Tools Lite
2016-10-03 19:57 - 2016-07-27 18:26 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-10-03 06:07 - 2016-07-27 19:53 - 00000000 __SHD C:\Documents and Settings\NetworkService
2016-10-02 10:35 - 2016-07-27 18:24 - 00000227 _____ C:\WINDOWS\system.ini
2016-10-02 06:37 - 2016-07-27 21:35 - 00000000 ___HD C:\Documents and Settings\Default User
2016-10-02 06:33 - 2016-07-27 21:35 - 00000000 ____D C:\Documents and Settings\All Users
2016-10-02 06:17 - 2016-07-27 21:36 - 00000000 ___RD C:\Documents and Settings\All Users\Dokumenty
2016-10-02 06:17 - 2016-07-27 20:07 - 00000000 ___RD C:\Documents and Settings\ets\Nabídka Start\Programy
2016-10-02 03:44 - 2016-07-30 04:13 - 00000000 ____D C:\games, lps
2016-10-02 01:37 - 2016-07-27 22:26 - 00000000 ____D C:\_films
2016-10-02 00:08 - 2016-07-27 19:41 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-10-01 02:00 - 2016-08-27 01:22 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Adobe
2016-09-30 22:28 - 2016-08-24 01:59 - 00000876 _____ C:\Documents and Settings\All Users\Plocha\The Mystery of the Druids.lnk
2016-09-30 22:28 - 2016-08-24 01:59 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\House of Tales
2016-09-30 22:28 - 2016-08-21 01:13 - 00000846 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast SafeZone 1 Browser.lnk
2016-09-30 22:28 - 2016-08-14 11:17 - 00000000 ____D C:\AdwCleaner
2016-09-30 21:53 - 2016-08-22 10:55 - 00000000 ____D C:\Documents and Settings\ets\Data aplikací\setup1
2016-09-30 21:41 - 2016-07-29 21:58 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2016-09-30 21:39 - 2016-07-29 21:59 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes Anti-Malware
2016-09-30 21:39 - 2016-07-29 21:58 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-09-30 10:36 - 2016-07-27 20:43 - 00000000 ____D C:\Documents and Settings\ets\Data aplikací\Adobe
2016-09-30 10:33 - 2016-07-27 20:47 - 00065768 _____ C:\Documents and Settings\ets\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2016-09-30 09:41 - 2016-08-27 01:23 - 00000000 ____D C:\Program Files\Adobe
2016-09-30 09:40 - 2016-07-30 00:46 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-09-30 02:45 - 2016-07-30 00:12 - 00000095 _____ C:\WINDOWS\winamp.ini
2016-09-29 12:00 - 2016-07-27 20:46 - 00000730 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2016-09-29 12:00 - 2016-07-27 20:46 - 00000724 _____ C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2016-09-29 11:54 - 2016-07-27 20:07 - 00000000 ___RD C:\Documents and Settings\ets\Dokumenty
2016-09-29 10:28 - 2016-07-27 20:08 - 00001117 _____ C:\Documents and Settings\ets\Nabídka Start\Programy\Internet Explorer.lnk
2016-09-25 03:56 - 2016-07-30 20:17 - 00000000 ____D C:\odborná literatura
2016-09-25 01:46 - 2016-08-30 20:23 - 00028580 _____ C:\Documents and Settings\ets\Plocha\2016_09_Ostraha_Rozpis služeb.xlsx
2016-09-23 21:30 - 2016-08-11 21:22 - 00000000 ____D C:\motiv
2016-09-22 15:28 - 2016-08-21 00:56 - 00433768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-09-13 21:00 - 2016-08-21 00:56 - 00735488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2016-09-10 23:58 - 2016-08-24 04:44 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\GOG.com
2016-09-10 23:45 - 2016-08-24 04:43 - 00000000 ____D C:\GOG Games
2016-09-10 23:25 - 2016-08-24 00:49 - 00000000 ____D C:\Program Files\Anno 1503 - The New World
Some files in TEMP:
====================
C:\Documents and Settings\ets\Local Settings\temp\RtkBtMnt.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Ran by ets (administrator) on VASICZEE-7DF074 (04-10-2016 20:10:38)
Running from C:\Documents and Settings\ets\Plocha
Loaded Profiles: ets (Available Profiles: ets)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Zemana Ltd.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Zemana Ltd.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Realtek Semiconductor Corp.) C:\DOCUME~1\ets\LOCALS~1\temp\RtkBtMnt.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel Corporation) C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [DWPersistentQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [434528 2006-10-26] (Microsoft Corporation)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16248320 2006-06-28] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SkyTel] => C:\WINDOWS\SkyTel.EXE [2879488 2006-05-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AzMixerSel] => C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248 2005-12-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [667718 2006-04-14] (Intel Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [602182 2006-04-14] (Intel Corporation)
HKLM\...\Run: [EOUApp] => C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [569413 2006-04-14] (Intel Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107616 2016-09-12] (AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252136 2011-05-04] (Sun Microsystems, Inc.)
HKLM\...\Run: [ZAM] => C:\Program Files\Zemana AntiMalware\ZAM.exe [13812464 2016-09-30] (Zemana Ltd.)
HKU\S-1-5-21-790525478-57989841-1644491937-1004\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3281600 2016-03-03] (Disc Soft Ltd)
HKU\S-1-5-18\...\Run: [KB976002-v5] => C:\WINDOWS\system32\advpack.dll [128512 2016-07-27] (Microsoft Corporation)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-08-21] (AVAST Software)
BootExecute: autocheck autochk * bootdelete
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{196D062F-E810-4CBF-868F-9E8F0641C4A7}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-790525478-57989841-1644491937-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-790525478-57989841-1644491937-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-21-790525478-57989841-1644491937-1004 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-08-21] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-07-28] (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 6hdvf7qt.default
FF ProfilePath: C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default [2016-10-04]
FF NewTab: C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default -> about:newtab
FF DefaultSearchEngine: C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default -> Google
FF DefaultSearchUrl: C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default -> hxxps://www.google.com/search?bcutc=sp-006
FF SearchEngineOrder.1: C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default -> Google
FF SelectedSearchEngine: C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default -> Google
FF Keyword.URL: C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default -> hxxps://www.google.com/search?bcutc=sp-006
FF NetworkProxy: C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default -> type", 0
FF Extension: (Adblock Plus) - C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-04]
FF Extension: (Multirow Bookmarks Toolbar) - C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default\Extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}.xpi [2016-10-04]
FF SearchPlugin: C:\Documents and Settings\ets\Data aplikací\Mozilla\Firefox\Profiles\6hdvf7qt.default\searchplugins\google-avast.xml [2016-08-11]
FF ProfilePath: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default [2016-09-29]
FF NewTab: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default -> about:newtab
FF DefaultSearchEngine: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default -> Google
FF DefaultSearchUrl: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default -> hxxps://www.google.com/search?bcutc=sp-006
FF SearchEngineOrder.1: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default -> Google
FF SelectedSearchEngine: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default -> Google
FF Homepage: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default -> hxxp://www.searchinme.com/?type=hp&ts=1 ... MHEGK2MHEX
FF Keyword.URL: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default -> hxxps://www.google.com/search?bcutc=sp-006
FF NetworkProxy: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default -> type", 0
FF Extension: (SimilarWeb) - C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\Extensions\@DA3566E2-F709-11E5-8E87-A604BC8E7F8B.xpi [2016-09-29] [not signed]
FF Extension: (FF Adr) - C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2016-09-29] [not signed]
FF Extension: (Avira Browser Safety) - C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\Extensions\abs@avira.com [2016-09-20]
FF Extension: (Ant Video Downloader) - C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\Extensions\anttoolbar@ant.com [2016-08-27]
FF Extension: (Firefox Hotfix) - C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-08]
FF Extension: (One Click Proxy) - C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\Extensions\jid0-zXo3XFGyiDalgkeEO4UYJTUwo2I@jetpack.xpi [2016-08-27]
FF Extension: (English (US) Language Pack) - C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2016-09-29] [not signed]
FF Extension: (Adblock Plus) - C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-07-27]
FF Extension: (Multirow Bookmarks Toolbar) - C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\Extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}.xpi [2016-07-27]
FF SearchPlugin: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\searchplugins\google-avast.xml [2016-08-11]
FF SearchPlugin: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\searchplugins\mylucky123.xml [2016-09-26]
FF SearchPlugin: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\searchplugins\searchinme.xml [2016-09-29]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension => not found
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-21]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-21]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-08-04] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll [2016-07-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll [2016-07-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-21] (AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1082560 2016-03-03] (Disc Soft Ltd) [File not signed]
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [114753 2006-04-14] (Intel Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [161664 2016-07-28] (Oracle Corporation)
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [217164 2006-04-14] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745 2006-04-14] (Intel Corporation ) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 ZAMSvc; C:\Program Files\Zemana AntiMalware\ZAM.exe [13812464 2016-09-30] (Zemana Ltd.)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21275 2016-07-27] (Meetinghouse Data Communications) [File not signed]
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [34008 2016-08-21] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [35096 2016-08-21] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [92256 2016-08-21] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [64272 2016-08-21] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [60424 2016-08-21] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [735488 2016-09-13] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433768 2016-09-22] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [184592 2016-08-21] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [66688 2016-08-21] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [224616 2016-08-21] (AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\DRIVERS\dtlitescsibus.sys [26168 2016-07-29] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\DRIVERS\dtliteusbbus.sys [40504 2016-07-29] (Disc Soft Ltd)
S1 DumpDrv; C:\WINDOWS\system32\Drivers\DumpDrv.sys [9472 2016-07-27] (Microsoft Corporation)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [39280 2016-08-24] ()
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-22] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-22] (Conexant Systems, Inc.)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [13568 2006-04-14] (Intel Corporation) [File not signed]
U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [24688 2016-10-01] ()
S3 UIUSys; C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS [6909 2006-06-09] (Conexant Systems, Inc) [File not signed]
R3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1429632 2006-04-04] (Intel® Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam32.sys [181496 2016-10-04] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard32.sys [181496 2016-10-04] (Zemana Ltd.)
S3 btaudio; system32\drivers\btaudio.sys [X]
S3 BTDriver; system32\DRIVERS\btport.sys [X]
S3 BTKRNL; system32\DRIVERS\btkrnl.sys [X]
S4 IntelIde; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-04 20:10 - 2016-10-04 20:11 - 00017684 _____ C:\Documents and Settings\ets\Plocha\FRST.txt
2016-10-04 20:10 - 2016-10-04 20:10 - 00000000 ____D C:\FRST
2016-10-04 20:09 - 2016-10-04 20:09 - 01754624 _____ (Farbar) C:\Documents and Settings\ets\Plocha\FRST.exe
2016-10-04 20:04 - 2016-10-04 20:04 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2016-10-04 05:06 - 2016-09-13 12:04 - 00000000 ____D C:\Konec prokrastinace
2016-10-04 02:07 - 2016-10-04 20:10 - 00042106 _____ C:\WINDOWS\ZAM.krnl.trace
2016-10-04 02:07 - 2016-10-04 20:10 - 00015216 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2016-10-04 02:07 - 2016-10-04 02:09 - 00000000 ____D C:\Program Files\Zemana AntiMalware
2016-10-04 02:07 - 2016-10-04 02:07 - 00181496 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard32.sys
2016-10-04 02:07 - 2016-10-04 02:07 - 00181496 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam32.sys
2016-10-04 02:07 - 2016-10-04 02:07 - 00001605 _____ C:\Documents and Settings\All Users\Plocha\Zemana AntiMalware.lnk
2016-10-04 02:07 - 2016-10-04 02:07 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Zemana
2016-10-04 02:07 - 2016-10-04 02:07 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Zemana AntiMalware
2016-10-04 02:06 - 2016-10-04 02:06 - 00000000 ____D C:\Documents and Settings\ets\Local Settings\Data aplikací\Zemana
2016-10-04 00:58 - 2016-10-04 00:58 - 00000432 _____ C:\Documents and Settings\ets\Nabídka Start\xnsw.lnk
2016-10-04 00:45 - 2016-10-04 00:45 - 00000000 ____D C:\rtmpdump
2016-10-03 23:59 - 2016-10-03 23:59 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Sophos
2016-10-03 23:58 - 2016-10-03 23:58 - 00001978 _____ C:\Documents and Settings\All Users\Plocha\Sophos Virus Removal Tool.lnk
2016-10-03 23:58 - 2016-10-03 23:58 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Sophos
2016-10-03 23:57 - 2016-10-03 23:57 - 00000000 ____D C:\Program Files\Sophos
2016-10-03 23:04 - 2016-10-03 23:04 - 00000882 _____ C:\Documents and Settings\All Users\Plocha\Revo Uninstaller.lnk
2016-10-03 23:04 - 2016-10-03 23:04 - 00000000 ____D C:\Program Files\VS Revo Group
2016-10-03 23:04 - 2016-10-03 23:04 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Revo Uninstaller
2016-10-03 20:52 - 2016-10-03 20:52 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Oracle
2016-10-03 20:12 - 2016-10-03 20:12 - 00000682 _____ C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2016-10-03 20:12 - 2016-10-03 20:12 - 00000000 ____D C:\Program Files\CCleaner
2016-10-03 20:12 - 2016-10-03 20:12 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
2016-10-02 10:41 - 2016-10-03 20:59 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2016-10-02 10:41 - 2016-10-02 10:41 - 00000000 ____D C:\Documents and Settings\Default User\Local Settings\temp
2016-10-02 10:33 - 2016-10-04 20:11 - 00000000 ____D C:\Documents and Settings\ets\Local Settings\temp
2016-10-02 06:17 - 2016-10-02 06:17 - 00000000 ___RD C:\Documents and Settings\ets\Nabídka Start\Programy\Nástroje pro správu
2016-10-02 06:17 - 2016-10-02 06:17 - 00000000 ___RD C:\Documents and Settings\All Users\Dokumenty\Filmy
2016-10-02 06:16 - 2016-10-03 20:22 - 00000000 ____D C:\WINDOWS\erdnt
2016-10-02 00:13 - 2016-10-01 23:52 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-10-01 23:52 - 2016-10-02 00:08 - 00000000 ____D C:\zoek_backup
2016-10-01 03:47 - 2016-10-04 04:47 - 00001159 _____ C:\Documents and Settings\ets\Plocha\.Stopwatch.ini
2016-09-30 23:03 - 2016-10-01 22:31 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-09-30 23:02 - 2016-10-01 23:51 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\RogueKiller
2016-09-30 23:02 - 2016-09-30 23:02 - 00000718 _____ C:\Documents and Settings\All Users\Plocha\RogueKiller.lnk
2016-09-30 23:02 - 2016-09-30 23:02 - 00000000 ____D C:\Program Files\RogueKiller
2016-09-30 23:02 - 2016-09-30 23:02 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\RogueKiller
2016-09-30 21:41 - 2016-09-30 21:41 - 00000000 ____D C:\Documents and Settings\ets\Data aplikací\Malwarebytes
2016-09-30 10:36 - 2016-10-04 02:00 - 00000338 _____ C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-VASICZEE-7DF074-ets.job
2016-09-30 09:44 - 2016-09-30 09:44 - 00000854 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Photoshop CS6.lnk
2016-09-30 09:41 - 2016-09-30 09:41 - 00000816 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Bridge CS6.lnk
2016-09-30 09:37 - 2016-09-30 09:37 - 00001144 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe ExtendScript Toolkit CS6.lnk
2016-09-30 09:37 - 2016-09-30 09:37 - 00001000 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Extension Manager CS6.lnk
2016-09-29 12:33 - 2016-09-29 12:33 - 00587400 _____ (dnSoft Research Group) C:\Documents and Settings\ets\Plocha\xnsw.exe
2016-09-29 12:12 - 2016-09-29 12:12 - 00273812 _____ C:\Documents and Settings\ets\Plocha\Abby C (Angelica_ Ebbi Krystal Boyd_ Abbie_ Abbey_ Masha Roofkina_ Anjelica_ Abby) (Straight_ All Sex_ Anal_ DP) MegaPack _ 206 _.torrent
2016-09-29 12:00 - 2016-09-29 12:00 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-09-29 12:00 - 2016-09-29 12:00 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-09-29 10:39 - 2016-09-29 10:39 - 00000000 ____D C:\Documents and Settings\ets\Local Settings\Data aplikací\Firefox
2016-09-29 10:37 - 2016-09-29 10:37 - 00000000 ____D C:\Documents and Settings\ets\Data aplikací\Firefox
2016-09-29 10:29 - 2016-09-29 11:19 - 00000000 _____ C:\Documents and Settings\All Users\Dokumenty\report.dat
2016-09-29 10:27 - 2016-09-29 10:29 - 00000003 _____ C:\WINDOWS\system32\xaa
2016-09-27 22:50 - 2016-09-27 23:22 - 00028621 _____ C:\Documents and Settings\ets\Plocha\2016_10_Ostraha_Rozpis služeb.xlsx
2016-09-24 01:00 - 2016-09-24 01:01 - 00003290 _____ C:\Documents and Settings\ets\Plocha\Why is it so hard for women to admit they like douche bags.txt
2016-09-23 00:13 - 2016-09-23 02:29 - 00002945 _____ C:\Documents and Settings\ets\Plocha\chicks tricks.txt
2016-09-22 15:58 - 2016-09-22 15:58 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Temp
2016-09-22 09:05 - 2016-09-22 09:05 - 00000218 _____ C:\Documents and Settings\ets\.recently-used.xbel
2016-09-22 09:00 - 2016-09-22 09:01 - 00000000 ____D C:\Documents and Settings\ets\.mp3splt-gtk
2016-09-22 08:59 - 2016-09-22 08:59 - 00000000 ____D C:\Program Files\mp3splt-gtk
2016-09-22 08:59 - 2016-09-22 08:59 - 00000000 ____D C:\Documents and Settings\ets\Nabídka Start\Programy\mp3splt-gtk
2016-09-13 04:35 - 2016-09-13 04:35 - 02446877 _____ C:\Documents and Settings\ets\Plocha\Louie on FX - Ricky Gervais as Louies Doctor - YouTube.webm
2016-09-13 04:32 - 2016-09-13 04:32 - 07916971 _____ C:\Documents and Settings\ets\Plocha\Louis CK and Ricky Gervais in hospital - YouTube.webm
2016-09-13 04:31 - 2016-09-13 04:31 - 18912303 _____ C:\Documents and Settings\ets\Plocha\Louis CK Ricky Gervais in episode 3 of LOUIE on FX TUESDAYS 11pm - YouTube.webm
2016-09-13 00:05 - 2016-10-02 05:52 - 00000018 _____ C:\Documents and Settings\ets\Plocha\ulozto filmky.txt
2016-09-10 23:58 - 2016-09-10 23:58 - 00001569 _____ C:\Documents and Settings\All Users\Plocha\Anno 1503 AD.lnk
2016-09-10 22:59 - 2016-09-10 22:59 - 26200790 _____ C:\Documents and Settings\ets\Plocha\No Gym Full Body Workout - YouTube.webm
2016-09-09 08:55 - 2016-09-09 08:55 - 00000000 ____D C:\Documents and Settings\ets\Data aplikací\eCyber
2016-09-07 03:00 - 2016-09-07 03:00 - 00001018 _____ C:\Documents and Settings\All Users\Plocha\Free Video Cutter Joiner.lnk
2016-09-07 03:00 - 2016-09-07 03:00 - 00000000 ____D C:\Program Files\DVDVideoMedia
2016-09-07 03:00 - 2016-09-07 03:00 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\DVDVideoMedia
2016-09-07 02:50 - 2016-09-07 02:50 - 00000000 ____D C:\Documents and Settings\ets\Data aplikací\Jfuse
2016-09-06 00:00 - 2016-09-07 02:55 - 00000000 ____D C:\Program Files\3GP Cutter
2016-09-05 22:22 - 2016-09-05 22:22 - 00000000 ___RD C:\Documents and Settings\ets\Dokumenty\Filmy
2016-09-05 22:21 - 2016-09-05 22:21 - 00000729 _____ C:\Documents and Settings\All Users\Plocha\ABC 3GP Converter.lnk
2016-09-05 22:21 - 2016-09-05 22:21 - 00000000 ____D C:\Program Files\ABC 3GP Converter
2016-09-05 22:21 - 2016-09-05 22:21 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\ABC 3GP Converter
2016-09-05 12:12 - 2016-09-22 10:02 - 00005866 _____ C:\Documents and Settings\ets\Plocha\motiv.m3u
2016-09-04 13:02 - 2016-09-29 05:23 - 00000000 ____D C:\ppp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-04 20:10 - 2016-07-27 20:07 - 00000000 ____D C:\Documents and Settings\ets\Plocha
2016-10-04 20:05 - 2016-08-19 04:29 - 00000000 _____ C:\WINDOWS\system32\last.dump
2016-10-04 19:57 - 2016-08-21 00:56 - 00000358 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2016-10-04 19:56 - 2016-08-21 01:13 - 00000476 _____ C:\WINDOWS\Tasks\SafeZone scheduled Autoupdate 1471734788.job
2016-10-04 19:56 - 2016-07-27 20:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-04 06:14 - 2016-07-27 20:06 - 00032604 _____ C:\WINDOWS\SchedLgU.Txt
2016-10-04 06:13 - 2016-07-27 20:07 - 00000178 ___SH C:\Documents and Settings\ets\ntuser.ini
2016-10-04 06:13 - 2016-07-27 20:07 - 00000000 ____D C:\Documents and Settings\ets
2016-10-04 05:59 - 2016-07-27 22:10 - 00000000 ____D C:\Documents and Settings\ets\Data aplikací\uTorrent
2016-10-04 05:18 - 2016-08-28 01:39 - 00000000 ____D C:\Documents and Settings\ets\Local Settings\Data aplikací\JDownloader 2.0
2016-10-04 02:41 - 2016-07-27 19:42 - 00000000 ____D C:\Program Files\Windows Desktop Search
2016-10-04 02:16 - 2016-08-28 20:02 - 00000000 ____D C:\Documents and Settings\ets\Data aplikací\vlc
2016-10-04 02:07 - 2016-07-27 21:36 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2016-10-04 02:07 - 2016-07-27 21:36 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2016-10-04 02:07 - 2016-07-27 20:06 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2016-10-04 02:06 - 2016-07-27 20:07 - 00000000 ___HD C:\Documents and Settings\ets\Local Settings\Data aplikací
2016-10-04 02:00 - 2016-07-27 21:24 - 00000000 ____D C:\Documents and Settings\ets\Local Settings\Data aplikací\Adobe
2016-10-04 01:00 - 2016-07-27 20:07 - 00000000 ___RD C:\Documents and Settings\ets\Nabídka Start
2016-10-03 23:59 - 2016-07-27 21:36 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2016-10-03 20:59 - 2016-07-27 21:35 - 03604936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-03 20:54 - 2016-07-27 20:07 - 00000000 __RHD C:\Documents and Settings\ets\Data aplikací
2016-10-03 20:54 - 2016-07-27 20:01 - 00000000 ____D C:\Program Files\Java
2016-10-03 20:17 - 2016-07-29 20:51 - 00000000 ____D C:\Documents and Settings\ets\Data aplikací\DAEMON Tools Lite
2016-10-03 19:57 - 2016-07-27 18:26 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-10-03 06:07 - 2016-07-27 19:53 - 00000000 __SHD C:\Documents and Settings\NetworkService
2016-10-02 10:35 - 2016-07-27 18:24 - 00000227 _____ C:\WINDOWS\system.ini
2016-10-02 06:37 - 2016-07-27 21:35 - 00000000 ___HD C:\Documents and Settings\Default User
2016-10-02 06:33 - 2016-07-27 21:35 - 00000000 ____D C:\Documents and Settings\All Users
2016-10-02 06:17 - 2016-07-27 21:36 - 00000000 ___RD C:\Documents and Settings\All Users\Dokumenty
2016-10-02 06:17 - 2016-07-27 20:07 - 00000000 ___RD C:\Documents and Settings\ets\Nabídka Start\Programy
2016-10-02 03:44 - 2016-07-30 04:13 - 00000000 ____D C:\games, lps
2016-10-02 01:37 - 2016-07-27 22:26 - 00000000 ____D C:\_films
2016-10-02 00:08 - 2016-07-27 19:41 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-10-01 02:00 - 2016-08-27 01:22 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Adobe
2016-09-30 22:28 - 2016-08-24 01:59 - 00000876 _____ C:\Documents and Settings\All Users\Plocha\The Mystery of the Druids.lnk
2016-09-30 22:28 - 2016-08-24 01:59 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\House of Tales
2016-09-30 22:28 - 2016-08-21 01:13 - 00000846 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast SafeZone 1 Browser.lnk
2016-09-30 22:28 - 2016-08-14 11:17 - 00000000 ____D C:\AdwCleaner
2016-09-30 21:53 - 2016-08-22 10:55 - 00000000 ____D C:\Documents and Settings\ets\Data aplikací\setup1
2016-09-30 21:41 - 2016-07-29 21:58 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2016-09-30 21:39 - 2016-07-29 21:59 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes Anti-Malware
2016-09-30 21:39 - 2016-07-29 21:58 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-09-30 10:36 - 2016-07-27 20:43 - 00000000 ____D C:\Documents and Settings\ets\Data aplikací\Adobe
2016-09-30 10:33 - 2016-07-27 20:47 - 00065768 _____ C:\Documents and Settings\ets\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2016-09-30 09:41 - 2016-08-27 01:23 - 00000000 ____D C:\Program Files\Adobe
2016-09-30 09:40 - 2016-07-30 00:46 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-09-30 02:45 - 2016-07-30 00:12 - 00000095 _____ C:\WINDOWS\winamp.ini
2016-09-29 12:00 - 2016-07-27 20:46 - 00000730 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2016-09-29 12:00 - 2016-07-27 20:46 - 00000724 _____ C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2016-09-29 11:54 - 2016-07-27 20:07 - 00000000 ___RD C:\Documents and Settings\ets\Dokumenty
2016-09-29 10:28 - 2016-07-27 20:08 - 00001117 _____ C:\Documents and Settings\ets\Nabídka Start\Programy\Internet Explorer.lnk
2016-09-25 03:56 - 2016-07-30 20:17 - 00000000 ____D C:\odborná literatura
2016-09-25 01:46 - 2016-08-30 20:23 - 00028580 _____ C:\Documents and Settings\ets\Plocha\2016_09_Ostraha_Rozpis služeb.xlsx
2016-09-23 21:30 - 2016-08-11 21:22 - 00000000 ____D C:\motiv
2016-09-22 15:28 - 2016-08-21 00:56 - 00433768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-09-13 21:00 - 2016-08-21 00:56 - 00735488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2016-09-10 23:58 - 2016-08-24 04:44 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\GOG.com
2016-09-10 23:45 - 2016-08-24 04:43 - 00000000 ____D C:\GOG Games
2016-09-10 23:25 - 2016-08-24 00:49 - 00000000 ____D C:\Program Files\Anno 1503 - The New World
Some files in TEMP:
====================
C:\Documents and Settings\ets\Local Settings\temp\RtkBtMnt.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Last edited by Ghostwriter on 08 Oct 2016 23:50, edited 1 time in total.
Re: please check - slow Firefox
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-10-2016
Ran by ets (04-10-2016 20:12:38)
Running from C:\Documents and Settings\ets\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) (2016-07-27 18:04:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-790525478-57989841-1644491937-500 - Administrator - Enabled)
ASPNET (S-1-5-21-790525478-57989841-1644491937-1003 - Limited - Enabled)
ets (S-1-5-21-790525478-57989841-1644491937-1004 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\ets
Guest (S-1-5-21-790525478-57989841-1644491937-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-790525478-57989841-1644491937-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-790525478-57989841-1644491937-1002 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {7591db91-41f0-48a3-b128-1a293fd8233d}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
%WS4_ARP_DISPLAY% (Version: 04.00.6001.503 - ) Hidden
µTorrent (HKLM\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
ABC 3GP/MP4 Converter 3.00 (HKLM\...\ABC 3GP/MP4 Converter) (Version: 3.00 - ABCMedia Studio@VOWSoft,Ltd.)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Anno 1503 A.D. (HKLM\...\1438074791_is1) (Version: 2.0.0.5 - GOG.com)
Avast Free Antivirus (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0116 - Disc Soft Ltd)
Dark Seed 1+2 version 1.0 (HKLM\...\{BB57AE63-61E7-4575-A10D-F85456194354}_is1) (Version: 1.0 - Cyberdreams)
DesetiPrsty5 5.3 (HKLM\...\DesetiPrsty5) (Version: - )
Easy 7-Zip v0.1.5 (x86) (HKLM\...\{661BB54F-5E4A-45F0-8153-DDF10C2E3FB7}_is1) (Version: 0.1.5 (x86) - James Hoo)
Free Video Cutter Joiner 10.4 (HKLM\...\{8C5A4758-C782-4200-B337-DB3466D33ADD}}_is1) (Version: 10.4 - DVDVideoMedia, Inc.)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118) (Version: - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
Java(TM) 6 Update 23 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216023FF}) (Version: 6.0.230 - Oracle)
Java(TM) 7 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217000FF}) (Version: 7.0.0 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Klient pro správu práv Microsoft Windows Rights Management Services s aktualizací Service Pack 2 (Version: 5.2.95 - Microsoft) Hidden
Klient Správy přístupových práv v systému Windows SP2, zpětná kompatibilita (Version: 5.2.95 - Microsoft) Hidden
K-Lite Mega Codec Pack 12.2.5 (HKLM\...\KLiteCodecPack_is1) (Version: 12.2.5 - KLCP)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
mCore (Version: 5.73.0000 - Intel Corporation) Hidden
mDriver (Version: 5.73.0000 - Intel) Hidden
mDrWiFi (Version: 5.73.0000 - Intel Corporation) Hidden
mEoU (Version: 5.73.0000 - Intel Corporation) Hidden
mHelp (Version: 5.73.0000 - Intel) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MindMaple Lite 1.71 (HKLM\...\MindMaple_is1) (Version: v1.71 - MindMaple Inc.)
mIWA (Version: 5.73.0000 - Intel Corporation) Hidden
mLogView (Version: 5.73.0000 - Intel Corporation) Hidden
mMHouse (Version: 5.73.0000 - Intel Corporation) Hidden
Mozilla Firefox 49.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 49.0.1 (x86 cs)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 49.0.1 - Mozilla)
mp3splt-gtk (HKLM\...\mp3splt-gtk) (Version: - )
mPfMgr (Version: 5.73.0000 - Intel Corporation) Hidden
mPfWiz (Version: 5.73.0000 - Intel Corporation) Hidden
mProSafe (Version: 9.00.0000 - Intel) Hidden
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0 - Microsoft Corporation) Hidden
mWlsSafe (Version: 9.00.0000 - Intel) Hidden
mXML (Version: 5.73.0000 - Intel Corporation) Hidden
mZConfig (Version: 5.73.0000 - Intel Corporation) Hidden
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Potplayer (HKLM\...\PotPlayer) (Version: - Kakao Corp.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5273 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)
RogueKiller verze 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
SafeZone Stable 1.48.2066.120 (Version: 1.48.2066.120 - Avast Software) Hidden
Software Intel(R) PROSet/Wireless (HKLM\...\ProInst) (Version: 10.1.1.3 - Intel Corporation)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
The Last Door - Season 2 (HKLM\...\1457355665_is1) (Version: 2.0.0.3 - GOG.com)
The Lost Crown version 1.2 (HKLM\...\The Lost Crown_is1) (Version: 1.0 - Darlking Room)
The Mystery of the Druids (HKLM\...\The Mystery of the Druids) (Version: - )
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.52a - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Winamp (remove only) (HKLM\...\Winamp) (Version: - )
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zemana AntiMalware (HKLM\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.50.92 - Zemana Ltd.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-VASICZEE-7DF074-ets.job => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\SafeZone scheduled Autoupdate 1471734788.job => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
Percentage of memory in use: 83%
Total physical RAM: 1014.04 MB
Available physical RAM: 168.3 MB
Total Virtual: 2441.02 MB
Available Virtual: 1486.73 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:55.89 GB) (Free:8.02 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive f: (mp3) (Fixed) (Total:55.88 GB) (Free:9.24 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 0A530A53)
Partition 1: (Not Active) - (Size=55.9 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=55.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
Re: please check - slow Firefox
Drive c: () (Fixed) (Total:55.89 GB) (Free:8.02 GB) NTFS
You should uninstall or delete something..
Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.
Start
CloseProcesses:
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-790525478-57989841-1644491937-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-790525478-57989841-1644491937-1004 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
FF SearchPlugin: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\searchplugins\mylucky123.xml [2016-09-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension => not found
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
S4 IntelIde; no ImagePath
C:\WINDOWS\system32\d3d9caps.dat
EmptyTemp:
End
(You can use the "select all" function; right-click the top-left field in the open Notepad and choose "Paste".)
Save it to the desktop as fixlist.txt
Run FRST, press the "Fix" button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.
Update Java:
http://www.oracle.com/technetwork/java/ ... 33155.html
Java SE Runtime Environment 8
Click Accept License Agreement
Choose your OS (Windows or Windows x64, Offline Installation)
jre-8-windows-i586-p.exe or
jre-8-windows-x64.exe
Download and install.
Remove the other Java versions in Add/Remove Programs.
C:\ppp
C:\WINDOWS\system32\xaa
C:\WINDOWS\system32\last.dump
C:\Documents and Settings\ets\Data aplikací\setup1
What is in these folders?
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum
- Level 2
- Posts: 158
- Registered: August 07
Re: please check - slow Firefox
Fix result of Farbar Recovery Scan Tool (x86) Version: 03-10-2016
Ran by ets (05-10-2016 00:06:17) Run:1
Running from C:\Documents and Settings\ets\Plocha
Loaded Profiles: ets (Available Profiles: ets)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-790525478-57989841-1644491937-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-790525478-57989841-1644491937-1004 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
FF SearchPlugin: C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\searchplugins\mylucky123.xml [2016-09-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension => not found
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
S4 IntelIde; no ImagePath
C:\WINDOWS\system32\d3d9caps.dat
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} => value removed successfully.
HKCR\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972} => key not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-790525478-57989841-1644491937-1004\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-790525478-57989841-1644491937-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully.
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93} => key not found.
HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} => key not found.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} => key not found.
HKCR\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} => key not found.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} => key not found.
HKCR\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} => key not found.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => key not found.
HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => key not found.
C:\Documents and Settings\ets\Data aplikací\Firefox\Firefox\Profiles\6hdvf7qt.default\searchplugins\mylucky123.xml => moved successfully
HKLM\Software\Mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} => value removed successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" => key removed successfully.
IntelIde => service removed successfully.
C:\WINDOWS\system32\d3d9caps.dat => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10361 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 72880 B
Java, Flash, Steam htmlcache => 739 B
Windows/system/dllcache/drivers => 349940 B
Edge => 0 B
Chrome => 0 B
Firefox => 346680727 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default User => 16674 B
All Users => 0 B
systemprofile => 65826 B
LocalService => 66440 B
NetworkService => 66228 B
ets => 154704508 B
RecycleBin => 0 B
EmptyTemp: => 478.8 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 00:09:13 ====
- Level 2
- Posts: 158
- Registered: August 07
Re: please check - slow Firefox
During the Java installation:
Java 8 requires a newer version of Windows. You may continue with the installation, but for Java to work as specified we recommend upgrading your computer's operating system.
I installed it anyway, hopefully it's OK.
What is in these folders?
C:\ppp
- a folder I created, full of movies; everything is OK here, I'm sure of that
C:\WINDOWS\system32\xaa
- not a folder but a file - no extension, 3 bytes in size
C:\WINDOWS\system32\last.dump
- also a file - 0 bytes
C:\Documents and Settings\ets\Data aplikací\setup1
- this folder contains two files: msvcp120.dll and msvcr120.dll
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
Re: please check - slow Firefox
https://www.java.com/en/download/faq/winxp.xml
You won't get Java 8 on XP any more.
C:\WINDOWS\system32\xaa
C:\WINDOWS\system32\last.dump
C:\Documents and Settings\ets\Data aplikací\setup1 --- both files
Upload them to VirusTotal.