Log check for a sluggish computer.

#1 Post by Chalon »

Hello, I would like to ask for a log check on our shared computer, which unfortunately has not been maintained much (if I don't do it, nobody does). The computer seems quite sluggish to me, so I am asking for a log check.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-06-2014
Ran by Loprim (administrator) on LOPRIMUS on 11-06-2014 09:54:09
Running from C:\Documents and Settings\Loprim\Dokumenty\Stažené soubory
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(VIA Technologies, Inc.) C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
() C:\WINDOWS\system32\PnkBstrA.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() D:\Rust.Client.v25.02.2014\rust.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [29831168 2008-05-14] (VIA Technologies, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-06] (AVAST Software)
HKLM\...\Run: [MSWinHost] => C:\WINDOWS\inf\issc.vbe [2334 2013-11-30] ()
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [NvCplDaemon] => C:\WINDOWS\system32\NvCpl.dll [15714592 2014-03-04] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] => C:\WINDOWS\system32\NvMCTray.dll [375128 2014-03-04] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2593056 2014-03-04] ()
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-746137067-1682526488-682003330-1004\...\Run: [Pando Media Booster] => C:\Program Files\Pando Networks\Media Booster\PMB.exe [4270640 2013-03-23] ()
HKU\S-1-5-21-746137067-1682526488-682003330-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-746137067-1682526488-682003330-1004\...\Run: [cz.seznam.software.autoupdate] => C:\Documents and Settings\Loprim\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-746137067-1682526488-682003330-1004\...\Run: [cz.seznam.software.szndesktop] => C:\Documents and Settings\Loprim\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-746137067-1682526488-682003330-1004\...\MountPoints2: {a9c4995c-a848-11e2-af57-002215d35de3} - K:\autorun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Loprim\Data aplikací\Mozilla\Firefox\Profiles\k16qsrde.default
FF DefaultSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @live.heroesandgenerals.com/npretox - D:\H&G\Heroes & Generals\live\npretoxlive.dll (Reto-Moto ApS)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\Loprim\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Documents and Settings\Loprim\Data aplikací\Mozilla\Firefox\Profiles\k16qsrde.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-04]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-05-10]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-05-10]
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-02-10]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-02-10]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/?clid=16194
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Documents and Settings\Loprim\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\WINDOWS\system32\npDeployJava1.dll No File
CHR Plugin: (Heroes & Generals live) - D:\H&G\Heroes & Generals\live\npretoxlive.dll (Reto-Moto ApS)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (Seznam Lištička - Email) - C:\Documents and Settings\Loprim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-02-08]
CHR Extension: (Seznam Lištička - Slovník) - C:\Documents and Settings\Loprim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-02-08]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\Loprim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-09-14]
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Loprim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-11-19]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\Loprim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Documents and Settings\Loprim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-02-08]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-07-11] (SUPERAntiSpyware.com) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-03] (AVAST Software)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-04-14] (Oracle Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2013-09-21] ()
R2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-05-03] ()
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [26136 2014-04-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-05-03] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-05-15] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-05-03] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [777488 2014-05-15] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [411680 2014-05-15] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-05-03] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180632 2014-05-03] ()
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [242240 2013-04-18] (DT Soft Ltd)
R3 monfilt; C:\WINDOWS\System32\drivers\monfilt.sys [1389056 2008-02-14] (Creative Technology Ltd.)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [54400 2008-03-25] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [22016 2008-03-25] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [238080 2008-05-08] (VIA Technologies, Inc.)
S4 IntelIde; No ImagePath
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-11 09:54 - 2014-06-11 09:54 - 00000000 ____D () C:\FRST
2014-06-10 20:09 - 2014-06-10 20:09 - 00090112 _____ () C:\WINDOWS\Minidump\Mini061014-02.dmp
2014-06-10 20:04 - 2014-06-10 20:04 - 00000000 ___SH () C:\Documents and Settings\Loprim\Local Settings\Data aplikací\LumaEmu
2014-06-10 20:04 - 2014-06-10 20:04 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\LumaEmu_SteamCloud
2014-06-10 20:03 - 2014-06-10 20:09 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Package Cache
2014-06-10 19:58 - 2014-06-10 19:58 - 00000523 _____ () C:\Documents and Settings\Loprim\Plocha\Zástupce - rust.exe.lnk
2014-06-10 16:45 - 2014-06-10 16:45 - 00090112 _____ () C:\WINDOWS\Minidump\Mini061014-01.dmp
2014-06-09 15:53 - 2014-06-09 15:53 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060914-02.dmp
2014-06-09 11:16 - 2014-06-09 11:16 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060914-01.dmp
2014-06-08 20:29 - 2014-06-08 20:29 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060814-02.dmp
2014-06-08 14:10 - 2014-06-08 14:10 - 00003536 _____ () C:\Documents and Settings\Loprim\Local Settings\Data aplikací\recently-used.xbel
2014-06-08 13:42 - 2014-06-08 13:42 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060814-01.dmp
2014-06-08 13:07 - 2014-06-09 21:06 - 00000000 ____D () C:\Documents and Settings\Loprim\Plocha\Nová složka
2014-06-08 13:07 - 2014-06-08 13:16 - 00001829 _____ () C:\Documents and Settings\Loprim\Plocha\stránka.html
2014-06-07 16:51 - 2014-06-07 16:50 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060714-02.dmp
2014-06-07 00:06 - 2014-06-07 00:06 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-06-07 00:04 - 2014-06-07 00:04 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060714-01.dmp
2014-06-06 17:32 - 2014-06-06 17:32 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060614-01.dmp
2014-06-05 17:56 - 2014-06-05 17:56 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060514-02.dmp
2014-06-05 15:41 - 2014-06-05 15:41 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060514-01.dmp
2014-06-04 18:33 - 2014-06-04 18:33 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060414-01.dmp
2014-06-03 18:48 - 2014-06-06 20:57 - 00000070 _____ () C:\Documents and Settings\Loprim\Plocha\Nový objekt - Textový dokument.txt
2014-06-03 18:41 - 2014-06-03 18:41 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060314-01.dmp
2014-06-02 18:44 - 2014-06-02 18:44 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060214-01.dmp
2014-06-01 20:33 - 2014-06-01 20:33 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060114-02.dmp
2014-06-01 15:29 - 2014-06-01 15:29 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060114-01.dmp
2014-05-31 20:18 - 2014-05-31 20:18 - 00090112 _____ () C:\WINDOWS\Minidump\Mini053114-02.dmp
2014-05-31 10:31 - 2014-05-31 10:31 - 00090112 _____ () C:\WINDOWS\Minidump\Mini053114-01.dmp
2014-05-30 21:43 - 2014-05-30 21:43 - 00090112 _____ () C:\WINDOWS\Minidump\Mini053014-01.dmp
2014-05-29 19:22 - 2014-05-29 19:22 - 00090112 _____ () C:\WINDOWS\Minidump\Mini052914-02.dmp
2014-05-29 16:34 - 2014-05-29 16:34 - 00090112 _____ () C:\WINDOWS\Minidump\Mini052914-01.dmp
2014-05-27 14:58 - 2014-05-27 14:58 - 00090112 _____ () C:\WINDOWS\Minidump\Mini052714-01.dmp
2014-05-26 17:22 - 2014-05-26 17:22 - 00090112 _____ () C:\WINDOWS\Minidump\Mini052614-01.dmp
2014-05-22 13:42 - 2014-05-22 13:42 - 00090112 _____ () C:\WINDOWS\Minidump\Mini052214-01.dmp
2014-05-21 16:55 - 2014-05-21 16:55 - 00090112 _____ () C:\WINDOWS\Minidump\Mini052114-02.dmp
2014-05-21 09:06 - 2014-05-21 09:06 - 00090112 _____ () C:\WINDOWS\Minidump\Mini052114-01.dmp
2014-05-20 20:04 - 2014-05-20 20:04 - 00090112 _____ () C:\WINDOWS\Minidump\Mini052014-02.dmp
2014-05-20 10:34 - 2014-05-20 10:34 - 00090112 _____ () C:\WINDOWS\Minidump\Mini052014-01.dmp
2014-05-19 19:15 - 2014-05-19 19:15 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051914-02.dmp
2014-05-19 14:01 - 2014-05-19 14:01 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051914-01.dmp
2014-05-18 16:50 - 2014-05-18 16:49 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051814-02.dmp
2014-05-18 12:51 - 2014-05-18 12:51 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051814-01.dmp
2014-05-17 20:24 - 2014-05-17 20:24 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051714-02.dmp
2014-05-17 16:51 - 2014-05-17 16:51 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051714-01.dmp
2014-05-15 20:44 - 2014-05-15 20:44 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051514-02.dmp
2014-05-15 18:01 - 2014-05-15 18:01 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051514-01.dmp
2014-05-14 18:28 - 2014-05-14 18:28 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051414-02.dmp
2014-05-14 13:35 - 2014-05-14 13:35 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051414-01.dmp
2014-05-13 19:47 - 2014-05-13 19:47 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051314-01.dmp
2014-05-13 05:02 - 2014-05-13 05:03 - 00000008 _____ () C:\Documents and Settings\Loprim\Plocha\WThunder heslo archib.txt

==================== One Month Modified Files and Folders =======

2014-06-11 09:54 - 2014-06-11 09:54 - 00000000 ____D () C:\FRST
2014-06-11 09:54 - 2013-01-23 18:01 - 00000000 ____D () C:\Documents and Settings\Loprim\Local Settings\Temp
2014-06-11 09:54 - 2002-01-01 01:06 - 00000000 ____D () C:\Documents and Settings\Loprim\Dokumenty\Stažené soubory
2014-06-11 09:52 - 2014-03-12 17:25 - 00011464 _____ () C:\WINDOWS\system32\nvAppTimestamps
2014-06-11 09:52 - 2013-02-15 20:11 - 00000000 ____D () C:\Documents and Settings\Loprim\Data aplikací\Skype
2014-06-11 09:48 - 2013-01-27 15:07 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-11 09:44 - 2014-03-25 17:47 - 00002283 _____ () C:\Documents and Settings\All Users\Plocha\Skype.lnk
2014-06-11 09:29 - 2013-05-15 20:26 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-06-11 09:15 - 2013-01-23 17:54 - 01464819 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-11 08:33 - 2013-03-23 18:33 - 00000000 ____D () C:\Documents and Settings\Loprim\Local Settings\Data aplikací\PMB Files
2014-06-11 08:33 - 2013-02-10 15:00 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-06-11 08:08 - 2014-02-05 18:49 - 00000000 ____D () C:\Documents and Settings\Loprim\Data aplikací\Seznam.cz
2014-06-11 08:02 - 2014-03-10 05:52 - 00000224 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-06-11 08:02 - 2013-01-27 15:07 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-11 08:02 - 2013-01-23 17:59 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-11 06:12 - 2013-01-23 18:01 - 00000178 ___SH () C:\Documents and Settings\Loprim\ntuser.ini
2014-06-11 06:12 - 2013-01-23 17:59 - 00032604 _____ () C:\WINDOWS\SchedLgU.Txt
2014-06-10 20:09 - 2014-06-10 20:09 - 00090112 _____ () C:\WINDOWS\Minidump\Mini061014-02.dmp
2014-06-10 20:09 - 2014-06-10 20:03 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Package Cache
2014-06-10 20:09 - 2013-01-26 11:50 - 00000000 ____D () C:\WINDOWS\Minidump
2014-06-10 20:04 - 2014-06-10 20:04 - 00000000 ___SH () C:\Documents and Settings\Loprim\Local Settings\Data aplikací\LumaEmu
2014-06-10 20:04 - 2014-06-10 20:04 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\LumaEmu_SteamCloud
2014-06-10 20:04 - 2013-01-23 18:37 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2014-06-10 20:04 - 2013-01-23 18:01 - 00000000 ___HD () C:\Documents and Settings\Loprim\Local Settings\Data aplikací
2014-06-10 19:58 - 2014-06-10 19:58 - 00000523 _____ () C:\Documents and Settings\Loprim\Plocha\Zástupce - rust.exe.lnk
2014-06-10 19:58 - 2013-01-23 18:01 - 00000000 ____D () C:\Documents and Settings\Loprim\Plocha
2014-06-10 18:24 - 2013-01-25 16:33 - 00000000 ____D () C:\Documents and Settings\Loprim\Data aplikací\.minecraft
2014-06-10 18:03 - 2013-12-25 18:04 - 00000000 ____D () C:\Documents and Settings\Loprim\Data aplikací\Mc Titan FTB
2014-06-10 16:45 - 2014-06-10 16:45 - 00090112 _____ () C:\WINDOWS\Minidump\Mini061014-01.dmp
2014-06-10 09:41 - 2014-03-13 16:36 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-06-10 09:41 - 2014-03-13 16:36 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-06-09 21:06 - 2014-06-08 13:07 - 00000000 ____D () C:\Documents and Settings\Loprim\Plocha\Nová složka
2014-06-09 15:53 - 2014-06-09 15:53 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060914-02.dmp
2014-06-09 11:16 - 2014-06-09 11:16 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060914-01.dmp
2014-06-08 20:29 - 2014-06-08 20:29 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060814-02.dmp
2014-06-08 15:00 - 2014-03-10 05:52 - 00000218 _____ () C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-06-08 14:11 - 2013-04-12 18:54 - 00000000 ____D () C:\Documents and Settings\Loprim\.gimp-2.8
2014-06-08 14:10 - 2014-06-08 14:10 - 00003536 _____ () C:\Documents and Settings\Loprim\Local Settings\Data aplikací\recently-used.xbel
2014-06-08 13:42 - 2014-06-08 13:42 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060814-01.dmp
2014-06-08 13:16 - 2014-06-08 13:07 - 00001829 _____ () C:\Documents and Settings\Loprim\Plocha\stránka.html
2014-06-07 23:17 - 2013-01-23 18:01 - 00000000 ____D () C:\Documents and Settings\Loprim
2014-06-07 16:50 - 2014-06-07 16:51 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060714-02.dmp
2014-06-07 15:20 - 2013-03-23 18:33 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\PMB Files
2014-06-07 00:06 - 2014-06-07 00:06 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-06-07 00:06 - 2013-02-15 20:11 - 00000000 ___RD () C:\Program Files\Skype
2014-06-07 00:06 - 2013-02-15 20:11 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Skype
2014-06-07 00:04 - 2014-06-07 00:04 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060714-01.dmp
2014-06-06 20:57 - 2014-06-03 18:48 - 00000070 _____ () C:\Documents and Settings\Loprim\Plocha\Nový objekt - Textový dokument.txt
2014-06-06 17:32 - 2014-06-06 17:32 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060614-01.dmp
2014-06-05 17:56 - 2014-06-05 17:56 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060514-02.dmp
2014-06-05 15:41 - 2014-06-05 15:41 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060514-01.dmp
2014-06-04 18:33 - 2014-06-04 18:33 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060414-01.dmp
2014-06-03 19:44 - 2014-05-11 19:12 - 00000000 ____D () C:\Documents and Settings\Loprim\Plocha\Nástroje mc
2014-06-03 18:41 - 2014-06-03 18:41 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060314-01.dmp
2014-06-02 18:44 - 2014-06-02 18:44 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060214-01.dmp
2014-06-02 17:41 - 2013-01-23 18:01 - 00000000 ___RD () C:\Documents and Settings\Loprim\Nabídka Start\Programy
2014-06-02 07:06 - 2013-02-08 14:32 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-06-01 20:33 - 2014-06-01 20:33 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060114-02.dmp
2014-06-01 15:29 - 2014-06-01 15:29 - 00090112 _____ () C:\WINDOWS\Minidump\Mini060114-01.dmp
2014-05-31 20:18 - 2014-05-31 20:18 - 00090112 _____ () C:\WINDOWS\Minidump\Mini053114-02.dmp
2014-05-31 10:31 - 2014-05-31 10:31 - 00090112 _____ () C:\WINDOWS\Minidump\Mini053114-01.dmp
2014-05-30 21:43 - 2014-05-30 21:43 - 00090112 _____ () C:\WINDOWS\Minidump\Mini053014-01.dmp
2014-05-29 19:22 - 2014-05-29 19:22 - 00090112 _____ () C:\WINDOWS\Minidump\Mini052914-02.dmp
2014-05-29 16:34 - 2014-05-29 16:34 - 00090112 _____ () C:\WINDOWS\Minidump\Mini052914-01.dmp
2014-05-27 14:58 - 2014-05-27 14:58 - 00090112 _____ () C:\WINDOWS\Minidump\Mini052714-01.dmp
2014-05-26 17:22 - 2014-05-26 17:22 - 00090112 _____ () C:\WINDOWS\Minidump\Mini052614-01.dmp
2014-05-25 21:02 - 2008-04-14 14:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-05-23 04:50 - 2013-01-27 15:07 - 00001813 _____ () C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2014-05-22 13:42 - 2014-05-22 13:42 - 00090112 _____ () C:\WINDOWS\Minidump\Mini052214-01.dmp
2014-05-21 20:53 - 2014-03-12 17:19 - 00062312 _____ () C:\WINDOWS\setupapi.log
2014-05-21 16:55 - 2014-05-21 16:55 - 00090112 _____ () C:\WINDOWS\Minidump\Mini052114-02.dmp
2014-05-21 09:06 - 2014-05-21 09:06 - 00090112 _____ () C:\WINDOWS\Minidump\Mini052114-01.dmp
2014-05-20 20:04 - 2014-05-20 20:04 - 00090112 _____ () C:\WINDOWS\Minidump\Mini052014-02.dmp
2014-05-20 11:36 - 2013-01-23 18:01 - 00000000 ___RD () C:\Documents and Settings\Loprim\Dokumenty\Obrázky
2014-05-20 10:34 - 2014-05-20 10:34 - 00090112 _____ () C:\WINDOWS\Minidump\Mini052014-01.dmp
2014-05-19 19:15 - 2014-05-19 19:15 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051914-02.dmp
2014-05-19 14:01 - 2014-05-19 14:01 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051914-01.dmp
2014-05-18 18:47 - 2013-06-22 13:30 - 00000000 ____D () C:\Documents and Settings\Loprim\Data aplikací\WorldPainter
2014-05-18 16:49 - 2014-05-18 16:50 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051814-02.dmp
2014-05-18 12:51 - 2014-05-18 12:51 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051814-01.dmp
2014-05-17 20:24 - 2014-05-17 20:24 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051714-02.dmp
2014-05-17 16:51 - 2014-05-17 16:51 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051714-01.dmp
2014-05-17 07:34 - 2013-04-01 07:56 - 00002347 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Reader X.lnk
2014-05-17 07:34 - 2013-01-23 18:37 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-05-15 20:44 - 2014-05-15 20:44 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051514-02.dmp
2014-05-15 18:01 - 2014-05-15 18:01 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051514-01.dmp
2014-05-15 14:33 - 2013-02-10 15:00 - 00777488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-05-15 14:33 - 2013-02-10 15:00 - 00411680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-05-15 14:33 - 2013-02-10 15:00 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswrdr.sys
2014-05-14 18:28 - 2014-05-14 18:28 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051414-02.dmp
2014-05-14 13:35 - 2014-05-14 13:35 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051414-01.dmp
2014-05-14 04:30 - 2014-01-08 05:55 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-14 04:30 - 2013-01-23 21:01 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-05-14 04:30 - 2013-01-23 21:01 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-05-14 04:27 - 2014-01-08 05:55 - 90547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-13 19:47 - 2014-05-13 19:47 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051314-01.dmp
2014-05-13 17:41 - 2013-03-23 20:11 - 00283032 _____ () C:\WINDOWS\system32\PnkBstrB.xtr
2014-05-13 17:41 - 2013-03-23 16:56 - 00140360 _____ () C:\WINDOWS\system32\Drivers\PnkBstrK.sys
2014-05-13 17:41 - 2013-03-23 16:55 - 00283032 _____ () C:\WINDOWS\system32\PnkBstrB.exe
2014-05-13 14:20 - 2013-03-23 16:55 - 00283032 _____ () C:\WINDOWS\system32\PnkBstrB.ex0
2014-05-13 05:03 - 2014-05-13 05:02 - 00000008 _____ () C:\Documents and Settings\Loprim\Plocha\WThunder heslo archib.txt
2014-05-12 14:51 - 2014-02-05 18:51 - 00000000 ____D () C:\Program Files\Mobogenie

Files to move or delete:
====================
C:\Documents and Settings\Loprim\worldpainter_1.6.0.exe
C:\Documents and Settings\Loprim\worldpainter_1.6.1.exe
C:\Documents and Settings\Loprim\worldpainter_1.6.5.exe
C:\Documents and Settings\Loprim\worldpainter_1.6.6.exe
C:\Documents and Settings\Loprim\worldpainter_1.6.7.exe


Some content of TEMP:
====================
C:\Documents and Settings\Loprim\Local Settings\Temp\APNStub.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\AskSLib.dll
C:\Documents and Settings\Loprim\Local Settings\Temp\AutoRun.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\AutoRunGUI.dll
C:\Documents and Settings\Loprim\Local Settings\Temp\DeltaTB.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\eauninstall.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\EReg2HWDetect.dll
C:\Documents and Settings\Loprim\Local Settings\Temp\i4jdel3.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\im1yrjio.dll
C:\Documents and Settings\Loprim\Local Settings\Temp\jre-7u51-windows-i586-iftw.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\jre-7u55-windows-i586-iftw.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\listicka-partner-16194-1.1.8-offline.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\OptimizerPro.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\RSPUpgradeInstaller.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\setup_wm.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\SHSetup.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\swt-win32-3740.dll
C:\Documents and Settings\Loprim\Local Settings\Temp\The Battle for Middle-earth II_uninst.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\uninst1.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\Uninstall.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

JaRon
Moderator
Posts: 15655
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Log check for a sluggish computer.

#2 Post by JaRon »

Hi,
Creating a fixlist for FRST

• Open Notepad (Start > Run > notepad)
• Copy the script below

Code:

Start
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Documents and Settings\Loprim\Local Settings\Temp\APNStub.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\AskSLib.dll
C:\Documents and Settings\Loprim\Local Settings\Temp\AutoRun.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\AutoRunGUI.dll
C:\Documents and Settings\Loprim\Local Settings\Temp\DeltaTB.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\eauninstall.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\EReg2HWDetect.dll
C:\Documents and Settings\Loprim\Local Settings\Temp\i4jdel3.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\im1yrjio.dll
C:\Documents and Settings\Loprim\Local Settings\Temp\jre-7u51-windows-i586-iftw.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\jre-7u55-windows-i586-iftw.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\listicka-partner-16194-1.1.8-offline.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\OptimizerPro.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\RSPUpgradeInstaller.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\setup_wm.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\SHSetup.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\swt-win32-3740.dll
C:\Documents and Settings\Loprim\Local Settings\Temp\The Battle for Middle-earth II_uninst.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\uninst1.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\Uninstall.exe
HKLM\...\Run: [MSWinHost] => C:\WINDOWS\inf\issc.vbe [2334 2013-11-30] ()






Hosts:
CMD: shutdown /r /f /t 2
End
• Save the resulting text file as fixlist.txt
• Move the fixlist into the same folder as FRST

Run FRST.exe again

• Click Fix
• The fix will run and create the log Fixlog.txt

Restart the PC and post fixlog.txt here
FRST | ADWCleaner | MBAM | CCleaner | AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

#3 Post by Chalon »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:11-06-2014
Ran by Loprim at 2014-06-11 12:12:50 Run:1
Running from C:\Documents and Settings\Loprim\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Documents and Settings\Loprim\Local Settings\Temp\APNStub.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\AskSLib.dll
C:\Documents and Settings\Loprim\Local Settings\Temp\AutoRun.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\AutoRunGUI.dll
C:\Documents and Settings\Loprim\Local Settings\Temp\DeltaTB.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\eauninstall.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\EReg2HWDetect.dll
C:\Documents and Settings\Loprim\Local Settings\Temp\i4jdel3.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\im1yrjio.dll
C:\Documents and Settings\Loprim\Local Settings\Temp\jre-7u51-windows-i586-iftw.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\jre-7u55-windows-i586-iftw.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\listicka-partner-16194-1.1.8-offline.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\OptimizerPro.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\RSPUpgradeInstaller.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\setup_wm.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\SHSetup.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\swt-win32-3740.dll
C:\Documents and Settings\Loprim\Local Settings\Temp\The Battle for Middle-earth II_uninst.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\uninst1.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\Uninstall.exe
HKLM\...\Run: [MSWinHost] => C:\WINDOWS\inf\issc.vbe [2334 2013-11-30] ()






Hosts:
CMD: shutdown /r /f /t 2
End
*****************

'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\APNStub.exe => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\AskSLib.dll => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\AutoRun.exe => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\AutoRunGUI.dll => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\DeltaTB.exe => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\eauninstall.exe => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\EReg2HWDetect.dll => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\i4jdel3.exe => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\im1yrjio.dll => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\jre-7u51-windows-i586-iftw.exe => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\jre-7u55-windows-i586-iftw.exe => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\listicka-partner-16194-1.1.8-offline.exe => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\OptimizerPro.exe => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\Quarantine.exe => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\RSPUpgradeInstaller.exe => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\setup_wm.exe => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\SHSetup.exe => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\swt-win32-3740.dll => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\The Battle for Middle-earth II_uninst.exe => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\uninst1.exe => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\Uninstall.exe => Moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MSWinHost => value deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====
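The check a helper makes on a Fixlog like the one in post #3, as an added example that is not part of the thread and not FRST's own code: it pairs every fixlist entry with its result line and flags anything not reported as successful. The function names and the matching rules (inferred only from the log lines shown in this thread) are assumptions, and the sample log is constructed, including its `not found` line.

```python
import re

# Constructed sample in the Fixlog layout of post #3; "not found" is invented.
SAMPLE_FIXLOG = r"""Content of fixlist:
*****************
Start
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Documents and Settings\Loprim\Local Settings\Temp\DeltaTB.exe
C:\Documents and Settings\Loprim\Local Settings\Temp\Uninstall.exe
HKLM\...\Run: [MSWinHost] => C:\WINDOWS\inf\issc.vbe [2334 2013-11-30] ()
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\DeltaTB.exe => Moved successfully.
C:\Documents and Settings\Loprim\Local Settings\Temp\Uninstall.exe => not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MSWinHost => value deleted successfully.
Hosts was reset successfully.
========= shutdown /r /f /t 2 =========
==== End of Fixlog ====
"""


def split_fixlog(text):
    """Return (fixlist entries, result lines) from a Fixlog."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    stars = [i for i, ln in enumerate(lines) if set(ln) == {"*"}]
    if len(stars) < 2:
        raise ValueError("fixlist delimiters not found")
    body, results = lines[stars[0] + 1:stars[1]], lines[stars[1] + 1:]
    entries = [ln for ln in body if ln.lower() not in ("start", "end")]
    return entries, results


def needle_for(entry):
    """Classify a fixlist entry and return (kind, text to look for)."""
    if re.match(r"[A-Za-z]:\\", entry):
        return "file", entry
    m = re.match(r"HK\w+\\.*\\Run: \[(.+?)\]", entry)
    if m:  # Run value: the result line ends in \<value name>
        return "run-value", "\\" + m.group(1)
    m = re.match(r"(?:\w+ )?(HK\w+\\[^:]+):", entry)
    if m:  # registry key, optionally prefixed (e.g. "CHR ")
        return "reg-key", m.group(1)
    if entry.lower().startswith("hosts:"):
        return "hosts", "hosts was reset"
    if entry.lower().startswith("cmd:"):
        return "cmd", entry[4:].strip()
    return "unknown", entry


def matches(kind, needle, result):
    """True if this result line reports on the given entry."""
    left = result.split(" => ")[0].strip("'").lower()
    needle = needle.lower()
    if kind in ("file", "reg-key"):
        return " => " in result and left == needle
    if kind == "run-value":
        return " => " in result and left.endswith(needle)
    if kind == "cmd":  # the log echoes the command between "=" rulers
        return result.strip("= ").lower() == needle
    return needle in result.lower()


def audit(text):
    """Map each fixlist entry to 'ok', 'failed' or 'no result line'."""
    entries, results = split_fixlog(text)
    report = {}
    for entry in entries:
        kind, needle = needle_for(entry)
        hits = [r for r in results if matches(kind, needle, r)]
        if not hits:
            report[entry] = "no result line"
        elif kind == "cmd" or any("successfully" in h.lower() for h in hits):
            report[entry] = "ok"  # for CMD: the command was run, nothing more
        else:
            report[entry] = "failed"
    return report


if __name__ == "__main__":
    print({e: s for e, s in audit(SAMPLE_FIXLOG).items() if s != "ok"})
```

"Moved successfully" means quarantined rather than deleted: the MBAM log in post #7 still finds `DeltaTB.exe.xBAD` and `OptimizerPro.exe.xBAD` under `C:\FRST\Quarantine`.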

#4 Post by JaRon »

Scan the PC with MBAM - full scan

#5 Post by Chalon »

A problem came up. I'm no IT expert, but it's most likely very bad... :cry:

When installing MBAM, this popped up:
http://leteckaposta.cz/621246421
Every time I clicked "OK", another message popped up.

#6 Post by JaRon »

Stay calm. If you downloaded the new version, then download v1.75 :James008:

#7 Post by Chalon »

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.06.11.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Loprim :: LOPRIMUS [administrátor]

Ochrana: Povolena

11.6.2014 13:21:36
MBAM-log-2014-06-11 (15-01-19).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 457229
Uplynulý čas: 1 hodin, 39 minut, 13 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 3
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
HKCR\AmiBs.Installer (PUP.Optional.Amonetize.A) -> Nebyla provedena žádná instrukce.
HKCR\AmiBs.Installer.1 (PUP.Optional.Amonetize.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 8
C:\Documents and Settings\Loprim\Data aplikací\SwvUpdater (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct2832595 (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct2832595\xpi (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct2832595\xpi\defaults (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct2832595\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct3288691 (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Data aplikací\newnext.me (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Data aplikací\newnext.me\cache (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 20
C:\Documents and Settings\Loprim\Dokumenty\Stažené soubory\tb_InnoGames_International.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Dokumenty\Stažené soubory\malwarebytes-anti-malware.exe (PUP.Optional.DownloadSponsor) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Local Settings\Temp\che433.tmp (Trojan.RotBrow.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Local Settings\Temp\nsl41A.tmp\DTLite.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Local Settings\Temp\CA738595-BAB0-7891-A686-3D4FB52769DE\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Local Settings\Temp\CA738595-BAB0-7891-A686-3D4FB52769DE\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Local Settings\Temp\CA738595-BAB0-7891-A686-3D4FB52769DE\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\FRST\Quarantine\C\Documents and Settings\Loprim\Local Settings\Temp\DeltaTB.exe.xBAD (PUP.Optional.Delta.A) -> Nebyla provedena žádná instrukce.
C:\FRST\Quarantine\C\Documents and Settings\Loprim\Local Settings\Temp\OptimizerPro.exe.xBAD (PUP.Optional.OptimizePro.A) -> Nebyla provedena žádná instrukce.
D:\Hry\programy\ventrilo-2.1.4.exe (Trojan.Dropper) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Data aplikací\SwvUpdater\Updater.xml (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Data aplikací\SwvUpdater\status.cfg (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct2832595\conduit.xml (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct2832595\CT2832595.xpi (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct2832595\ddt.csf (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct2832595\xpi\install.rdf (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct2832595\xpi\defaults\preferences\defaults.js (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct3288691\ism.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Data aplikací\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Loprim\Data aplikací\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.

(konec)

#8 Post by JaRon »

Oh dear > have MBAM delete what it found - restart
Clean the PC with ADWCleaner - scan/clean
It should be OK - I'll take a look tomorrow :)

#9 Post by Chalon »

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.06.11.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Loprim :: LOPRIMUS [administrátor]

Ochrana: Povolena

11.6.2014 13:21:36
mbam-log-2014-06-11 (13-21-36).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 457229
Uplynulý čas: 1 hodin, 39 minut, 13 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 3
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.Optional.Babylon.A) -> Přesun do karantény a smazání se zdařilo.
HKCR\AmiBs.Installer (PUP.Optional.Amonetize.A) -> Přesun do karantény a smazání se zdařilo.
HKCR\AmiBs.Installer.1 (PUP.Optional.Amonetize.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 8
C:\Documents and Settings\Loprim\Data aplikací\SwvUpdater (PUP.Software.Updater) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct2832595 (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct2832595\xpi (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct2832595\xpi\defaults (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct2832595\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct3288691 (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Data aplikací\newnext.me (PUP.Optional.NextLive.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Data aplikací\newnext.me\cache (PUP.Optional.NextLive.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 20
C:\Documents and Settings\Loprim\Dokumenty\Stažené soubory\tb_InnoGames_International.exe (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Dokumenty\Stažené soubory\malwarebytes-anti-malware.exe (PUP.Optional.DownloadSponsor) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Local Settings\Temp\che433.tmp (Trojan.RotBrow.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Local Settings\Temp\nsl41A.tmp\DTLite.exe (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Local Settings\Temp\CA738595-BAB0-7891-A686-3D4FB52769DE\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Local Settings\Temp\CA738595-BAB0-7891-A686-3D4FB52769DE\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Local Settings\Temp\CA738595-BAB0-7891-A686-3D4FB52769DE\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Přesun do karantény a smazání se zdařilo.
C:\FRST\Quarantine\C\Documents and Settings\Loprim\Local Settings\Temp\DeltaTB.exe.xBAD (PUP.Optional.Delta.A) -> Přesun do karantény a smazání se zdařilo.
C:\FRST\Quarantine\C\Documents and Settings\Loprim\Local Settings\Temp\OptimizerPro.exe.xBAD (PUP.Optional.OptimizePro.A) -> Přesun do karantény a smazání se zdařilo.
D:\Hry\programy\ventrilo-2.1.4.exe (Trojan.Dropper) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Data aplikací\SwvUpdater\Updater.xml (PUP.Software.Updater) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Data aplikací\SwvUpdater\status.cfg (PUP.Software.Updater) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct2832595\conduit.xml (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct2832595\CT2832595.xpi (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct2832595\ddt.csf (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct2832595\xpi\install.rdf (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct2832595\xpi\defaults\preferences\defaults.js (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Local Settings\Temp\ct3288691\ism.exe (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Data aplikací\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Loprim\Data aplikací\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Přesun do karantény a smazání se zdařilo.

(konec)

#10 Post by Chalon »

After restarting the PC, a message saying that Windows had recovered from a serious error popped up about 16 times. (When MBAM deleted those viruses.)

#11 Post by Chalon »

Here is the log from ADW cleaner:

# AdwCleaner v3.212 - Report created 11/06/2014 at 15:54:05
# Updated 05/06/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Loprim - LOPRIMUS
# Running from : C:\Documents and Settings\Loprim\Dokumenty\Stažené soubory\adwcleaner_3.212.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\Mobogenie
Folder Deleted : C:\Documents and Settings\Loprim\Local Settings\Data aplikací\genienext
Folder Deleted : C:\Documents and Settings\Loprim\Local Settings\Data aplikací\Mobogenie
Folder Deleted : C:\DOCUME~1\Loprim\LOCALS~1\Temp\OCS
Folder Deleted : C:\Documents and Settings\Loprim\Nabídka Start\Programy\Mobogenie
Folder Deleted : C:\Documents and Settings\Loprim\Dokumenty\Mobogenie
File Deleted : C:\END
File Deleted : C:\Documents and Settings\Loprim\daemonprocess.txt

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1C1356DA-1E98-4810-A9F6-18D89BD1C0C0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\OCS
Key Deleted : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mobogenie

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Documents and Settings\Loprim\Data aplikací\Mozilla\Firefox\Profiles\k16qsrde.default\prefs.js ]


-\\ Google Chrome v35.0.1916.114

[ File : C:\Documents and Settings\Loprim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1190 octets] - [03/12/2013 20:59:11]
AdwCleaner[R1].txt - [1157 octets] - [18/01/2014 19:40:12]
AdwCleaner[R2].txt - [2609 octets] - [11/06/2014 15:23:39]
AdwCleaner[R3].txt - [2728 octets] - [11/06/2014 15:50:13]
AdwCleaner[S0].txt - [1255 octets] - [03/12/2013 21:04:49]
AdwCleaner[S1].txt - [1221 octets] - [18/01/2014 19:43:05]
AdwCleaner[S2].txt - [376 octets] - [11/06/2014 15:25:32]
AdwCleaner[S3].txt - [2689 octets] - [11/06/2014 15:54:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2749 octets] ##########

#12 Post by JaRon »

From the AV side it should be OK,
but the log shows too many crashes...
Start a new topic in the BSOD section - include a link to the zipped C:\WINDOWS\Minidump folder
and a link to this topic... a colleague will take a look at it for you >> it may be a driver or HW problem

#13 Post by Chalon »

Well, it's true that "blue screens of death" pop up here quite often. By the way, this will probably look silly, but I can't see any BSOD section anywhere.

#14 Post by JaRon »