Poprosim o kontrolu notebooku

[bondasko]

Zdravim Vas. Poprosil by som, ci by ste mi mohli skontrolovat notebook. Vdaka

RSIT:
info:

Kód: Vybrat vše

https://www.dropbox.com/s/y7qyboo5aphy55c/info.txt?dl=0

log:

Kód: Vybrat vše

https://www.dropbox.com/s/wgkx7os0ymiq1ik/log.txt?dl=0

FRST:
frst:

Kód: Vybrat vše

https://www.dropbox.com/s/v51fbf3z2f9is2e/FRST.txt?dl=0

addition:

Kód: Vybrat vše

https://www.dropbox.com/s/9zs5oehjnbmjidy/Addition.txt?dl=0

dakujem velmi pekne za ochotu.

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[bondasko]

adwcleaner:

AdwCleaner[C1]:

Kód: Vybrat vše

https://www.dropbox.com/s/ah8jc9xwxkykqcp/AdwCleaner%5BC1%5D.txt?dl=0

AdwCleaner[S1]:

Kód: Vybrat vše

https://www.dropbox.com/s/syhnvfiusi7jmlh/AdwCleaner%5BS1%5D.txt?dl=0

Quarantine:

Kód: Vybrat vše

https://www.dropbox.com/s/e690dt459tsjtzw/Quarantine.log?dl=0

[Rudy]

Dejte nový log FRST (ten by měl stačit).

[bondasko]

FRST:

Kód: Vybrat vše

https://www.dropbox.com/s/po6msy50jjg9cns/FRST3.txt?dl=0

addition:

Kód: Vybrat vše

https://www.dropbox.com/s/i7gtzo17foxrmqn/Addition3.txt?dl=0

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
FF Extension: No Name - C:\Users\bondasko\AppData\Roaming\Mozilla\Firefox\Profiles\h2l35d9o.default\extensions\defsearchp@gmail.com [not found]
FF Extension: No Name - C:\Users\bondasko\AppData\Roaming\Mozilla\Firefox\Profiles\h2l35d9o.default\extensions\deskCutv2@gmail.com [not found]
S2 fimevebo; C:\Program Files (x86)\819D047B-1440506447-CB11-90B6-B2FB8E09A629\hnsuAF3F.tmp [X]
S2 jimocoso; C:\Program Files (x86)\819D047B-1440506447-CB11-90B6-B2FB8E09A629\jnsq9963.tmp [X]
S2 xinovudi; C:\Program Files (x86)\819D047B-1440506447-CB11-90B6-B2FB8E09A629\knsv8102.tmpfs [X]
C:\Users\bondasko\AppData\Local\nso404A.tmp
C:\Users\bondasko\AppData\Local\nsxA407.tmp
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\bondasko\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
Task: {9F3FA812-166D-47B9-A065-88D347D31E0D} - System32\Tasks\AAquuNZ7PyS2HNfNVE0amH9mqG => C:\Users\bondasko\AppData\Roaming\AAquuNZ7PyS2HNfNVE0amH9mqG.exe [2015-04-20] () <==== ATTENTION
Task: {FC61B732-8B97-4A59-B641-2FDD11C2FDAB} - System32\Tasks\pXGVd1unAj2OsydjT => C:\Users\bondasko\AppData\Roaming\pXGVd1unAj2OsydjT.exe [2015-04-20] () <==== ATTENTION
Task: C:\Windows\Tasks\AAquuNZ7PyS2HNfNVE0amH9mqG.job => C:\Users\bondasko\AppData\Roaming\AAquuNZ7PyS2HNfNVE0amH9mqG.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\cbmZhCcevraY.job => C:\Users\bondasko\AppData\Roaming\cbmZhCcevraY.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\hSFwAtHW9Pveg4J8.job => C:\Users\bondasko\AppData\Roaming\hSFwAtHW9Pveg4J8.exe <==== ATTENTION
Task: C:\Windows\Tasks\pXGVd1unAj2OsydjT.job => C:\Users\bondasko\AppData\Roaming\pXGVd1unAj2OsydjT.exe <==== ATTENTION
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[bondasko]

Fix result of Farbar Recovery Scan Tool (x64) Version:24-08-2015
Ran by bondasko (2015-08-25 23:07:25) Run:1
Running from C:\Users\bondasko\Desktop
Loaded Profiles: bondasko (Available Profiles: bondasko)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
FF Extension: No Name - C:\Users\bondasko\AppData\Roaming\Mozilla\Firefox\Profiles\h2l35d9o.default\extensions\defsearchp@gmail.com [not found]
FF Extension: No Name - C:\Users\bondasko\AppData\Roaming\Mozilla\Firefox\Profiles\h2l35d9o.default\extensions\deskCutv2@gmail.com [not found]
S2 fimevebo; C:\Program Files (x86)\819D047B-1440506447-CB11-90B6-B2FB8E09A629\hnsuAF3F.tmp [X]
S2 jimocoso; C:\Program Files (x86)\819D047B-1440506447-CB11-90B6-B2FB8E09A629\jnsq9963.tmp [X]
S2 xinovudi; C:\Program Files (x86)\819D047B-1440506447-CB11-90B6-B2FB8E09A629\knsv8102.tmpfs [X]
C:\Users\bondasko\AppData\Local\nso404A.tmp
C:\Users\bondasko\AppData\Local\nsxA407.tmp
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\bondasko\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
Task: {9F3FA812-166D-47B9-A065-88D347D31E0D} - System32\Tasks\AAquuNZ7PyS2HNfNVE0amH9mqG => C:\Users\bondasko\AppData\Roaming\AAquuNZ7PyS2HNfNVE0amH9mqG.exe [2015-04-20] () <==== ATTENTION
Task: {FC61B732-8B97-4A59-B641-2FDD11C2FDAB} - System32\Tasks\pXGVd1unAj2OsydjT => C:\Users\bondasko\AppData\Roaming\pXGVd1unAj2OsydjT.exe [2015-04-20] () <==== ATTENTION
Task: C:\Windows\Tasks\AAquuNZ7PyS2HNfNVE0amH9mqG.job => C:\Users\bondasko\AppData\Roaming\AAquuNZ7PyS2HNfNVE0amH9mqG.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\cbmZhCcevraY.job => C:\Users\bondasko\AppData\Roaming\cbmZhCcevraY.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\hSFwAtHW9Pveg4J8.job => C:\Users\bondasko\AppData\Roaming\hSFwAtHW9Pveg4J8.exe <==== ATTENTION
Task: C:\Windows\Tasks\pXGVd1unAj2OsydjT.job => C:\Users\bondasko\AppData\Roaming\pXGVd1unAj2OsydjT.exe <==== ATTENTION
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
C:\Users\bondasko\AppData\Roaming\Mozilla\Firefox\Profiles\h2l35d9o.default\extensions\defsearchp@gmail.com => path removed successfullyC:\Users\bondasko\AppData\Roaming\Mozilla\Firefox\Profiles\h2l35d9o.default\extensions\deskCutv2@gmail.com => path removed successfullyfimevebo => service removed successfully
jimocoso => service removed successfully
xinovudi => service removed successfully
C:\Users\bondasko\AppData\Local\nso404A.tmp => moved successfully
C:\Users\bondasko\AppData\Local\nsxA407.tmp => moved successfully
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => moved successfully
C:\Users\bondasko\AppData\Local\Temp => moved successfully
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9F3FA812-166D-47B9-A065-88D347D31E0D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F3FA812-166D-47B9-A065-88D347D31E0D}" => key removed successfully
C:\Windows\System32\Tasks\AAquuNZ7PyS2HNfNVE0amH9mqG => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AAquuNZ7PyS2HNfNVE0amH9mqG" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FC61B732-8B97-4A59-B641-2FDD11C2FDAB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC61B732-8B97-4A59-B641-2FDD11C2FDAB}" => key removed successfully
C:\Windows\System32\Tasks\pXGVd1unAj2OsydjT => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pXGVd1unAj2OsydjT" => key removed successfully
C:\Windows\Tasks\AAquuNZ7PyS2HNfNVE0amH9mqG.job => moved successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\Windows\Tasks\cbmZhCcevraY.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\hSFwAtHW9Pveg4J8.job => moved successfully
C:\Windows\Tasks\pXGVd1unAj2OsydjT.job => moved successfully

==== End of Fixlog 23:07:29 ====

[Rudy]

Smazáno. NB by již měl být čistý.

[bondasko]

dakujem, mozte lock

[Rudy]

Nemáte zač!

[bondasko]

Dakujem velmi pekne za odomknutie a aj za dalsiu kontrolu

RSIT:
- log:

Kód: Vybrat vše

https://www.dropbox.com/s/wgkx7os0ymiq1ik/log.txt?dl=0

- info:

Kód: Vybrat vše

https://www.dropbox.com/s/y7qyboo5aphy55c/info.txt?dl=0

[Rudy]

Jde jen o kontrolu, nebo máte nějaký problém?

[bondasko]

Kontrola, dnes preinstalovany system a nanovo nainstalovane programy. Ja len ci tam nie su nastavene (zapnute) nejake blbosti, ktore tam nemusia byt, popripade ci je vsetko ok.

[Rudy]

Jj. Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

[bondasko]

RSIT:
- info:

Kód: Vybrat vše

https://www.dropbox.com/s/m3liqm48dqu79se/info2.txt?dl=0

- log:

Kód: Vybrat vše

https://www.dropbox.com/s/11yilorij0f8hm4/log2.txt?dl=0