Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prevence

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
Uživatelský avatar
PredyP
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 1227
Registrován: 24 kvě 2007 21:52
Bydliště: Východ Čech

Prevence

#1 Příspěvek od PredyP »

Dobrý den,
prosím o kontrolu počítače kamaráda.
# -------------------------------
# Malwarebytes AdwCleaner 7.2.1.1
# -------------------------------
# Build: 07-04-2018
# Database: 2018-07-04.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-15-2018
# Duration: 00:00:08
# OS: Windows 8.1
# Cleaned: 10
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Pavel\AppData\Local\EASYPDFCOMBINETOOLTAB

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\EasyPDFCombineTooltab Uninstall Internet Explorer
Deleted HKCU\Software\EasyPDFCombine
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ak.staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.srovnanicen.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\srovnanicen.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\hp.myway.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\easypdfcombine.dl.tb.ask.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2267 octets] - [15/07/2018 21:11:04]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prevence

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

:arrow: Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Uživatelský avatar
PredyP
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 1227
Registrován: 24 kvě 2007 21:52
Bydliště: Východ Čech

Re: Prevence

#3 Příspěvek od PredyP »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15.07.2018
Ran by Pavel (administrator) on PAVLŮV-KOMPÍK (17-07-2018 09:59:04)
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel (Available Profiles: Pavel)
Platform: Microsoft Windows 8.1 (Update) (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-05-18] (AVAST Software)
HKU\S-1-5-21-887117582-2240712051-91899171-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
HKU\S-1-5-21-887117582-2240712051-91899171-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\avastSS.scr [53208 2016-09-08] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{D3CB4232-3267-489E-8446-4199FC7B9F89}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-887117582-2240712051-91899171-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-887117582-2240712051-91899171-1001 -> 29ACE006699C01D631560CF655D3F05F URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-887117582-2240712051-91899171-1001 -> 9E908B16D81540337E9A954EF3248A28 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-887117582-2240712051-91899171-1001 -> F4E9ACFFD7739019355B4C917EA37DE3 URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-887117582-2240712051-91899171-1001 -> FD1019F2930E229692553F3C4A8BDC5C URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-887117582-2240712051-91899171-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-887117582-2240712051-91899171-1001 -> {52A3BFF1-ECF4-4EFB-9C92-C043B5AFC59A} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-25] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-25] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-887117582-2240712051-91899171-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

FireFox:
========
FF ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default [2016-01-17]
FF Homepage: Mozilla\Firefox\Profiles\nahd6ha2.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\nahd6ha2.default -> about:newtab
FF SearchPlugin: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\firmy.cz-182409.xml [2015-08-09]
FF SearchPlugin: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\mapy.cz-182409.xml [2015-08-09]
FF SearchPlugin: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\seznam.cz-182409.xml [2015-08-09]
FF SearchPlugin: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\videa.seznam.cz-182409.xml [2015-08-09]
FF SearchPlugin: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\zbozi.cz-182409.xml [2015-08-09]
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default [2018-07-05]
CHR Extension: (Prezentace) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-19]
CHR Extension: (Dokumenty) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-19]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-27]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-27]
CHR Extension: (Tabulky) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-18]
CHR Extension: (Avast Online Security) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-12]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-27]
CHR Extension: (Chrome Media Router) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-05]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5963368 2018-05-18] (AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-04] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2018-05-18] (AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-04] (AVAST Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280872 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103696 2017-01-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167552 2018-07-17] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188352 2018-07-17] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [164944 2018-07-17] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284328 2018-07-17] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57976 2018-07-17] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [189240 2018-07-17] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42808 2018-07-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [133680 2018-07-17] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [101056 2018-07-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [71848 2018-07-17] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784120 2018-07-17] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [393904 2018-07-17] (AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [162704 2018-07-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310784 2018-07-17] (AVAST Software)
S1 MpKsl2154706d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\MpKsl2154706d.sys [29904 2015-01-28] () [File not signed]
S1 MpKsl253ff5c3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\MpKsl253ff5c3.sys [29904 2015-01-28] () [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [38920 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [231256 2017-01-12] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [128704 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [85336 2017-01-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-17 09:59 - 2018-07-17 09:59 - 000011997 _____ C:\Users\Pavel\Desktop\FRST.txt
2018-07-17 09:58 - 2018-07-17 09:59 - 000000000 ____D C:\FRST
2018-07-17 09:55 - 2018-07-17 09:56 - 000112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher.exe
2018-07-17 09:53 - 2018-07-17 09:54 - 001773056 _____ (Farbar) C:\Users\Pavel\Desktop\FRST.exe
2018-07-17 09:26 - 2018-07-17 09:26 - 000321752 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-07-15 21:09 - 2018-07-15 21:09 - 007402192 _____ (Malwarebytes) C:\Users\Pavel\Desktop\adwcleaner_7.2.1.exe
2018-07-15 21:05 - 2018-07-15 21:05 - 019119064 _____ (Microsoft Corporation) C:\Users\Pavel\Desktop\MediaCreationTool1803.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-17 09:26 - 2018-01-06 10:12 - 000189240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-07-17 09:26 - 2017-11-17 15:57 - 000167552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-07-17 09:26 - 2017-02-25 18:42 - 000284328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblogx.sys
2018-07-17 09:26 - 2017-02-25 18:42 - 000188352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2018-07-17 09:26 - 2017-02-25 18:42 - 000164944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidshx.sys
2018-07-17 09:26 - 2017-02-25 18:42 - 000057976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbunivx.sys
2018-07-17 09:26 - 2015-01-28 21:56 - 000784120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-07-17 09:26 - 2015-01-28 21:56 - 000393904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-07-17 09:26 - 2015-01-28 21:56 - 000310784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-07-17 09:26 - 2015-01-28 21:56 - 000162704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-07-17 09:26 - 2015-01-28 21:56 - 000133680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-07-17 09:26 - 2015-01-28 21:56 - 000101056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-07-17 09:26 - 2015-01-28 21:56 - 000071848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-07-17 09:26 - 2015-01-28 21:56 - 000042808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-07-17 09:23 - 2013-08-22 09:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-15 21:26 - 2017-07-15 10:05 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-07-15 21:12 - 2013-08-22 08:13 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-07-15 21:11 - 2017-02-25 19:56 - 000000000 ____D C:\AdwCleaner
2018-07-15 21:11 - 2015-01-28 20:37 - 000000000 ____D C:\Users\Pavel
2018-07-15 21:05 - 2013-08-22 10:05 - 000000000 ____D C:\Windows\CbsTemp
2018-06-26 07:28 - 2016-04-16 13:48 - 000002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-26 07:17 - 2013-08-22 08:21 - 000000000 ____D C:\Windows\inf

==================== Files in the root of some directories =======

2015-12-24 09:24 - 2015-12-24 09:24 - 002770377 _____ (iBank) C:\Program Files\SSFK.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-03-10 21:36

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:297.75 GB) (Free:259.66 GB) NTFS
Drive d: (KRAL_SUMAVY) (CDROM) (Total:3.53 GB) (Free:0 GB) UDF
\\?\Volume{005c4556-a71c-11e4-9715-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.12 GB) NTFS

Available physical RAM: 1053.37 MB
Total physical RAM: 2047.24 MB
Percentage of memory in use: 48%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 740E3337)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.7 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Pavel\Desktop" je 724 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15.07.2018
Ran by Pavel (17-07-2018 09:59:56)
Running from C:\Users\Pavel\Desktop
Microsoft Windows 8.1 (Update) (X86) (2015-01-28 18:37:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-887117582-2240712051-91899171-500 - Administrator - Disabled)
Guest (S-1-5-21-887117582-2240712051-91899171-501 - Limited - Disabled)
Pavel (S-1-5-21-887117582-2240712051-91899171-1001 - Administrator - Enabled) => C:\Users\Pavel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{6D0F2ABB-E30F-9F89-6022-E3D581CB4155}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Avast Secure Browser (HKLM\...\Avast Secure Browser) (Version: 64.0.387.186 - AVAST Software)
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Google Chrome (HKLM\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
OpenOffice 4.1.1 (HKLM\...\{C560D6E7-E40A-435D-8B71-62CBCF1701B2}) (Version: 4.11.9775 - Apache Software Foundation)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.36.826.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
Seznam prohlížeč (HKU\S-1-5-21-887117582-2240712051-91899171-1001\...\Seznam Browser) (Version: 4.4.3 - Seznam.cz a.s.)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.40 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-05-18] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-05-18] (AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-05-18] (AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2012-11-16] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-05-18] (AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {040DB718-D947-4ED1-9B0E-8497724D5BF9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [2018-05-22] (Microsoft Corporation)
Task: {133297C3-5D84-4EA7-A0F8-0E2613A3929D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2018-05-22] (Microsoft Corporation)
Task: {17233BE9-87E9-40B0-B003-AE9D2B92CBBE} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
Task: {1B9EF3C1-CCB2-436E-A4D3-CDB04484D87F} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-04] (AVAST Software)
Task: {28C41F83-C3E5-43EB-AA8B-A00A70F16D51} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
Task: {2940CFA7-AC07-4129-9A39-A8F5D98C9936} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {39696527-FC73-4677-8346-FDAA34F465AD} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
Task: {3B57025D-79F7-498B-94CF-12AD890CD2D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-16] (Google Inc.)
Task: {5A589102-DE2D-4CBD-89D1-25EC7C06BAEC} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {7444D1A9-721D-4062-AFBA-9AD59C3E0395} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {88927B10-1389-4BFC-9324-198B48E6C1AE} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {8CC0FDAD-8AE1-4255-97DD-C1BDD720BFFA} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-04] (AVAST Software)
Task: {A667C3D2-DA08-4C67-9767-A9F9C92159B8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-07-17] (AVAST Software)
Task: {AC6B61F4-832B-486E-A255-F92EE4CB1A97} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-07] (AVAST Software)
Task: {BD7A3050-3669-48C1-A5A0-99677E2C626C} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {EE5599FD-33D4-4FBF-9B66-170FCBAA5396} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-16] (Google Inc.)
Task: {F78A431B-6C44-4B6D-BD3A-38F96C982E5B} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-03-16 19:31 - 2018-03-16 19:31 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-05-18 10:58 - 2018-05-18 10:58 - 000482520 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-05-18 10:57 - 2018-05-18 10:57 - 000293592 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:13 - 2016-01-17 22:12 - 000000753 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-887117582-2240712051-91899171-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pavel\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "AMD AVT"
HKLM\...\StartupApproved\Run: => "Adobe ARM"
HKLM\...\StartupApproved\Run: => "seznam-listicka-distribuce"
HKU\S-1-5-21-887117582-2240712051-91899171-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-887117582-2240712051-91899171-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-887117582-2240712051-91899171-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{EAF2D1E2-C746-45CD-8C71-5D13350768C2}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{4889CC6D-711D-4A01-86FB-6B23F1A4D1F0}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [TCP Query User{26B3027A-389F-47C7-8ABF-BFCE05F6FA80}C:\program files\skype\phone\skype.exe] => (Block) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{D99DC922-3680-47A9-83EC-1AE0FC737C68}C:\program files\skype\phone\skype.exe] => (Block) C:\program files\skype\phone\skype.exe
FirewallRules: [{B33C5DA3-8B03-402E-8B1A-5C5A3197A064}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{D350F4DE-60B5-4221-BC3A-7FEA20AAF786}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{8EC0D986-4D9D-41AA-A787-E09D5FA96096}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{3D19A28F-1DF3-4E26-A1E6-54A6B989EB79}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

==================== Restore Points =========================

19-02-2018 10:49:17 Windows Update
29-04-2018 17:24:49 Windows Update
22-05-2018 13:43:37 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/17/2018 09:33:20 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (07/15/2018 09:33:36 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (07/15/2018 09:09:42 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (07/08/2018 06:33:38 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (07/08/2018 05:33:36 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (07/08/2018 04:33:36 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (07/08/2018 03:33:37 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (07/08/2018 02:33:37 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.


System errors:
=============
Error: (07/15/2018 09:11:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba Windows Media Player Network Sharing závisí na službě Windows Search, která neuspěla při spuštění v důsledku následující chyby:
Služba nebyla spuštěna.

Error: (07/15/2018 09:11:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/15/2018 09:11:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/15/2018 09:11:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (07/15/2018 09:11:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (07/15/2018 09:11:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (07/15/2018 08:55:40 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (18:37:25, ‎8. ‎7. ‎2018) bylo neočekávané.

Error: (07/08/2018 02:00:30 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 40


Windows Defender:
===================================
Date: 2016-09-10 14:03:54.038
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2016-09-10 14:03:53.366
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

Date: 2015-07-05 18:50:12.113
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2015-07-05 18:41:45.373
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

Date: 2015-06-02 17:37:14.020
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

CodeIntegrity:
===================================

Date: 2017-06-04 07:13:42.557
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aticfx32.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-04 07:13:42.336
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aticfx32.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-04 07:13:42.132
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aticfx32.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-04 07:13:41.929
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aticfx32.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-04 07:13:41.742
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aticfx32.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-04 07:13:41.539
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aticfx32.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-04 07:13:02.208
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aticfx32.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-04 07:13:01.998
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aticfx32.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E7400 @ 2.80GHz
Percentage of memory in use: 48%
Total physical RAM: 2047.24 MB
Available physical RAM: 1053.37 MB
Total Virtual: 2687.24 MB
Available Virtual: 1562.18 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.75 GB) (Free:259.66 GB) NTFS
Drive d: (KRAL_SUMAVY) (CDROM) (Total:3.53 GB) (Free:0 GB) UDF

\\?\Volume{005c4556-a71c-11e4-9715-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 740E3337)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prevence

#4 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    File: C:\Program Files\SSFK.exe
    Folder: C:\Program Files\SSFK
    Folder: C:\Program Files (x86)\SSFK
    CMD: dir /a "C:\Program Files"
    CMD: dir /a "C:\Program Files (x86)"
    ExportKey: HKU\S-1-5-21-887117582-2240712051-91899171-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Seznam Browser
    
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    Toolbar: HKU\S-1-5-21-887117582-2240712051-91899171-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
    FF NewTab: Mozilla\Firefox\Profiles\nahd6ha2.default -> about:newtab
    2018-07-17 09:55 - 2018-07-17 09:56 - 000112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher.exe
    2015-12-24 09:24 - 2015-12-24 09:24 - 002770377 _____ (iBank) C:\Program Files\SSFK.exe
    Task: {17233BE9-87E9-40B0-B003-AE9D2B92CBBE} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
    Task: {28C41F83-C3E5-43EB-AA8B-A00A70F16D51} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
    Task: {39696527-FC73-4677-8346-FDAA34F465AD} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
    Task: {88927B10-1389-4BFC-9324-198B48E6C1AE} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
    Task: {BD7A3050-3669-48C1-A5A0-99677E2C626C} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
    Task: {F78A431B-6C44-4B6D-BD3A-38F96C982E5B} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION
    HKLM\...\StartupApproved\Run: => "seznam-listicka-distribuce"
    HKU\S-1-5-21-887117582-2240712051-91899171-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
    HKU\S-1-5-21-887117582-2240712051-91899171-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Uživatelský avatar
PredyP
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 1227
Registrován: 24 kvě 2007 21:52
Bydliště: Východ Čech

Re: Prevence

#5 Příspěvek od PredyP »

Fix result of Farbar Recovery Scan Tool (x86) Version: 18.07.2018
Ran by Pavel (18-07-2018 11:45:25) Run:1
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel (Available Profiles: Pavel)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

File: C:\Program Files\SSFK.exe
Folder: C:\Program Files\SSFK
Folder: C:\Program Files (x86)\SSFK
CMD: dir /a "C:\Program Files"
CMD: dir /a "C:\Program Files (x86)"
ExportKey: HKU\S-1-5-21-887117582-2240712051-91899171-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Seznam Browser

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-887117582-2240712051-91899171-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF NewTab: Mozilla\Firefox\Profiles\nahd6ha2.default -> about:newtab
2018-07-17 09:55 - 2018-07-17 09:56 - 000112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher.exe
2015-12-24 09:24 - 2015-12-24 09:24 - 002770377 _____ (iBank) C:\Program Files\SSFK.exe
Task: {17233BE9-87E9-40B0-B003-AE9D2B92CBBE} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
Task: {28C41F83-C3E5-43EB-AA8B-A00A70F16D51} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
Task: {39696527-FC73-4677-8346-FDAA34F465AD} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
Task: {88927B10-1389-4BFC-9324-198B48E6C1AE} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {BD7A3050-3669-48C1-A5A0-99677E2C626C} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {F78A431B-6C44-4B6D-BD3A-38F96C982E5B} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION
HKLM\...\StartupApproved\Run: => "seznam-listicka-distribuce"
HKU\S-1-5-21-887117582-2240712051-91899171-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-887117582-2240712051-91899171-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\Program Files\SSFK.exe ========================

C:\Program Files\SSFK.exe
File not signed
MD5: 943D5B95562E32AB925B84DFD3B17315
Creation and modification date: 2015-12-24 09:24 - 2015-12-24 09:24
Size: 002770377
Attributes: ----A
Company Name: iBank
Internal Name: iBank.exe
Original Name: iBank.exe
Product: iBank
Description: iBank
File Version: 6.6.0.22
Product Version: 6.6.0.22
Copyright: Copyright (C) iBank.com 2010
VirusTotal: https://www.virustotal.com/file/1d555fe ... 531353968/

====== End of File: ======


========================= Folder: C:\Program Files\SSFK ========================

not found.

====== End of Folder: ======


========================= Folder: C:\Program Files (x86)\SSFK ========================

not found.

====== End of Folder: ======


========= dir /a "C:\Program Files" =========

Volume in drive C has no label.
Volume Serial Number is F2EE-7A94

Directory of C:\Program Files

19. 05. 2018 18:18 <DIR> .
19. 05. 2018 18:18 <DIR> ..
15. 07. 2017 10:04 <DIR> Adobe
28. 01. 2015 21:46 <DIR> AMD APP
28. 01. 2015 21:46 <DIR> AMD AVT
28. 01. 2015 21:33 <DIR> ATI
18. 03. 2016 10:10 <DIR> ATI Technologies
04. 04. 2018 20:28 <DIR> AVAST Software
30. 01. 2015 17:50 <DIR> CanonBJ
28. 01. 2015 22:07 <DIR> CCleaner
06. 12. 2017 17:14 <DIR> Common Files
22. 07. 2016 14:27 <DIR> Defraggler
22. 08. 2013 10:16 174 desktop.ini
25. 02. 2017 23:23 <DIR> Google
28. 01. 2015 21:03 <DIR> InstallShield Installation Information
28. 01. 2015 20:56 <DIR> Intel
22. 05. 2018 17:00 <DIR> Internet Explorer
25. 02. 2017 20:12 <DIR> Java
29. 01. 2015 18:43 <DIR> Malwarebytes Anti-Malware
21. 06. 2017 15:17 <DIR> Microsoft Silverlight
22. 08. 2013 10:17 <DIR> Microsoft.NET
14. 02. 2015 10:07 <DIR> MSBuild
28. 01. 2015 22:44 <DIR> OpenOffice 4
18. 03. 2016 10:10 <DIR> Realtek
14. 02. 2015 10:07 <DIR> Reference Assemblies
05. 09. 2017 18:51 <DIR> Skype
24. 12. 2015 09:24 2˙770˙377 SSFK.exe
28. 01. 2015 21:06 <DIR> Temp
14. 01. 2018 17:42 <DIR> trend micro
22. 08. 2013 09:24 <DIR> Uninstall Information
23. 08. 2015 14:23 <DIR> VideoLAN
27. 04. 2017 21:07 <DIR> Windows Defender
29. 01. 2015 08:47 <DIR> Windows Mail
29. 01. 2015 08:47 <DIR> Windows Media Player
29. 01. 2015 08:47 <DIR> Windows Multimedia Platform
28. 01. 2015 20:35 <DIR> Windows NT
29. 01. 2015 08:47 <DIR> Windows Photo Viewer
29. 01. 2015 08:47 <DIR> Windows Portable Devices
22. 08. 2013 10:17 <DIR> Windows Sidebar
14. 01. 2018 15:55 <DIR> WindowsApps
29. 01. 2015 08:46 <DIR> WindowsPowerShell
29. 01. 2015 18:07 <DIR> WinRAR
2 File(s) 2˙770˙551 bytes
40 Dir(s) 278˙829˙142˙016 bytes free

========= End of CMD: =========


========= dir /a "C:\Program Files (x86)" =========

Volume in drive C has no label.
Volume Serial Number is F2EE-7A94

Directory of C:\

File Not Found

========= End of CMD: =========

================== ExportKey: ===================

[HKU\S-1-5-21-887117582-2240712051-91899171-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Seznam Browser]
"DisplayIcon"="C:\Users\Pavel\AppData\Roaming\Seznam Browser\Seznam.cz.exe,0"
"DisplayName"="Seznam prohlížeč"
"Publisher"="Seznam.cz a.s."
"QuietUninstallString"=""C:\Users\Pavel\AppData\Roaming\Seznam Browser\uninstall.exe" /S""
"UninstallString"=""C:\Users\Pavel\AppData\Roaming\Seznam Browser\uninstall.exe""
"EstimatedSize"="124102"
"NoModify"="1"
"NoRepair"="1"
"DisplayVersion"="4.4.3"
"URLUpdateInfo"="https://www.seznam.cz/prohlizec/historie-zmen"
"URLInfoAbout"="https://www.seznam.cz/prohlizec"
"HelpLink"="https://napoveda.seznam.cz/cz/aplikace/ ... mcz-pro-pc"

=== End of ExportKey ===
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-887117582-2240712051-91899171-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully.
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
"Firefox newtab" => removed successfully.
"C:\Users\Pavel\Desktop\FRSTLauncher.exe" => not found
C:\Program Files\SSFK.exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{17233BE9-87E9-40B0-B003-AE9D2B92CBBE}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17233BE9-87E9-40B0-B003-AE9D2B92CBBE}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SettingSync\BackupTask" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{28C41F83-C3E5-43EB-AA8B-A00A70F16D51}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28C41F83-C3E5-43EB-AA8B-A00A70F16D51}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Manual Maintenance" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{39696527-FC73-4677-8346-FDAA34F465AD}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39696527-FC73-4677-8346-FDAA34F465AD}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Maintenance Configurator" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88927B10-1389-4BFC-9324-198B48E6C1AE}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88927B10-1389-4BFC-9324-198B48E6C1AE}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD7A3050-3669-48C1-A5A0-99677E2C626C}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD7A3050-3669-48C1-A5A0-99677E2C626C}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Idle Maintenance" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F78A431B-6C44-4B6D-BD3A-38F96C982E5B}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F78A431B-6C44-4B6D-BD3A-38F96C982E5B}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Regular Maintenance" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\seznam-listicka-distribuce" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce" => not found
"HKU\S-1-5-21-887117582-2240712051-91899171-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\cz.seznam.software.autoupdate" => removed successfully.
"HKU\S-1-5-21-887117582-2240712051-91899171-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate" => not found
"HKU\S-1-5-21-887117582-2240712051-91899171-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\cz.seznam.software.szndesktop" => removed successfully.
"HKU\S-1-5-21-887117582-2240712051-91899171-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 67009817 B
Java, Flash, Steam htmlcache => 2638 B
Windows/system/drivers => 2686159 B
Edge => 0 B
Chrome => 732157801 B
Firefox => 0 B
Opera => 1068032 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
LocalService => 238918 B
NetworkService => 5840 B
Pavel => 1334861951 B

RecycleBin => 8215833 B
EmptyTemp: => 2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:48:38 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prevence

#6 Příspěvek od Conder »

:arrow: Vyzera to OK. Su s PC este nejake problemy?

:arrow: Odporucam doinstalovat vsetky dolezite aktualizacie cez Windows Update.

:arrow: Velikost slozky "C:\Users\Pavel\Desktop" je 724 MB.
  • Presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.
:arrow: V PC je nainstalovana zastarala verzia Javy (Java 8 Update 121), odporucam odinstalovat. Ak Javu potrebujes, nainstaluj aktualnu verziu (momentalne Java 8 Update 171) z https://java.com/en/download/

:arrow: Ak nepotrebujes/nepouzivas Seznam Browser, odporucam tiez odinstalovat.

:arrow: Programy sa daju odinstalovat napr. cez Win+R -> "appwiz.cpl" -> enter.
Naposledy upravil(a) Conder dne 18 zář 2018 22:03, celkem upraveno 1 x.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Uživatelský avatar
PredyP
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 1227
Registrován: 24 kvě 2007 21:52
Bydliště: Východ Čech

Re: Prevence

#7 Příspěvek od PredyP »

Děkuji za pomoc.
:worship: :worship: :worship:

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prevence

#8 Příspěvek od Conder »

:arrow: Tak este upraceme po pouzitych nastrojoch:
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Uživatelský avatar
PredyP
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 1227
Registrován: 24 kvě 2007 21:52
Bydliště: Východ Čech

Re: Prevence

#9 Příspěvek od PredyP »

Windows update nenabízí žádnou aktualizaci.

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prevence

#10 Příspěvek od Conder »

:arrow: Vypise to aj nejaky error alebo iba nic nenajde? Aky je datum poslednej instalacie?
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Uživatelský avatar
PredyP
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 1227
Registrován: 24 kvě 2007 21:52
Bydliště: Východ Čech

Re: Prevence

#11 Příspěvek od PredyP »

Ne jen nic nenajde. Poslední 22.5.2018

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prevence

#12 Příspěvek od Conder »

:arrow: To je nejake zvlastne. Stlac Win+R -> napis "winver" -> enter a posli screenshot otvoreneho okna.

:arrow: Spusti kontrolu integrity systemovych suborov:
  • Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
  • Skopiruj a spusti prikaz:

    Kód: Vybrat vše

    DISM.exe /Online /Cleanup-image /Restorehealth
  • Po dokonceni skopiruj a spusti druhy prikaz:

    Kód: Vybrat vše

    sfc /scannow
  • Po dokonceni obidvoch prikazov skopiruj a spusti tento prikaz:

    Kód: Vybrat vše

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log %userprofile%\desktop\dism.txt
  • Na ploche sa vytvoria subory sfcdetails.txt a dism.txt, tieto subory zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
  • Restartuj PC a napis ako sa chova PC
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Uživatelský avatar
PredyP
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 1227
Registrován: 24 kvě 2007 21:52
Bydliště: Východ Čech

Re: Prevence

#13 Příspěvek od PredyP »

Při zadání a spuštění DISM.exe /Online /Cleanup-image /Restorehealth tam bylo 20% a dál se to nehýbalo. Zavřel jsem tedy příkazový řádek a restartoval pc. Teď je na obrazovce už více jak hodinu Probíhá příprava Windows nevypínejte počítač.

Uživatelský avatar
PredyP
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 1227
Registrován: 24 kvě 2007 21:52
Bydliště: Východ Čech

Re: Prevence

#14 Příspěvek od PredyP »

Tak se to povedlo.
Přílohy
Bez názvu.jpg
Bez názvu.jpg (78.9 KiB) Zobrazeno 2931 x

Uživatelský avatar
PredyP
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 1227
Registrován: 24 kvě 2007 21:52
Bydliště: Východ Čech

Re: Prevence

#15 Příspěvek od PredyP »

DISM.exe /Online /Cleanup-image /Restorehealth
Přílohy
Bez názvu1.jpg
Bez názvu1.jpg (71.93 KiB) Zobrazeno 2930 x

Zamčeno