Prosím o preventivní kontrolu logu

Zpráva

#16 Příspěvek od **vyosek** » 20 bře 2014 22:37

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Start
AlternateDataStreams: C:\ProgramData\Temp:430C6D84
AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2

Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cef0e53af5c5bd.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3533092108-3555067090-2871961856-1000Core1cef0ec598c3edb.job => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3533092108-3555067090-2871961856-1000UA.job => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

2014-03-19 10:27 - 2014-03-19 10:27 - 00112640 _____ (forum.viry.cz) C:\Users\Michal\Desktop\FRSTLauncher.exe
2014-03-17 08:04 - 2014-03-17 07:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-17 08:03 - 2014-03-17 08:03 - 00000083 _____ () C:\folders.txt
2014-03-17 07:46 - 2014-03-17 08:11 - 00008676 _____ () C:\zoek-results.log
2014-03-17 07:44 - 2014-03-17 08:00 - 00000000 ____D () C:\zoek_backup
2014-03-17 07:44 - 2014-03-17 07:44 - 01285120 _____ () C:\Users\Michal\Desktop\zoek.exe
2014-03-14 07:32 - 2014-03-14 07:32 - 01950720 _____ () C:\Users\Michal\Desktop\adwcleaner.exe
2014-03-14 07:28 - 2014-03-14 07:28 - 01950720 _____ () C:\Users\Michal\Downloads\adwcleaner.exe.xwk1tb9.partial
2014-03-14 07:28 - 2014-03-14 07:28 - 01950720 _____ () C:\Users\Michal\Downloads\adwcleaner (1).exe.phsnah0.partial
2014-03-12 08:22 - 2014-03-12 08:22 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Michal\Desktop\rkill.com

Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [IndexSearch] - C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] - C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-11-19] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKU\S-1-5-21-3533092108-3555067090-2871961856-1000\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-08-03] (Google Inc.)
HKU\S-1-5-21-3533092108-3555067090-2871961856-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Michal\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3533092108-3555067090-2871961856-1000\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)

Hosts:
CMD: shutdown /r /f /t 2

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

MMMMM · #17 Příspěvek od **MMMMM** » 21 bře 2014 07:54

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Michal at 2014-03-21 08:00:29 Run:1
Running from C:\Users\Michal\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
AlternateDataStreams: C:\ProgramData\Temp:430C6D84
AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2

Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cef0e53af5c5bd.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3533092108-3555067090-2871961856-1000Core1cef0ec598c3edb.job => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3533092108-3555067090-2871961856-1000UA.job => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

2014-03-19 10:27 - 2014-03-19 10:27 - 00112640 _____ (forum.viry.cz) C:\Users\Michal\Desktop\FRSTLauncher.exe
2014-03-17 08:04 - 2014-03-17 07:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-17 08:03 - 2014-03-17 08:03 - 00000083 _____ () C:\folders.txt
2014-03-17 07:46 - 2014-03-17 08:11 - 00008676 _____ () C:\zoek-results.log
2014-03-17 07:44 - 2014-03-17 08:00 - 00000000 ____D () C:\zoek_backup
2014-03-17 07:44 - 2014-03-17 07:44 - 01285120 _____ () C:\Users\Michal\Desktop\zoek.exe
2014-03-14 07:32 - 2014-03-14 07:32 - 01950720 _____ () C:\Users\Michal\Desktop\adwcleaner.exe
2014-03-14 07:28 - 2014-03-14 07:28 - 01950720 _____ () C:\Users\Michal\Downloads\adwcleaner.exe.xwk1tb9.partial
2014-03-14 07:28 - 2014-03-14 07:28 - 01950720 _____ () C:\Users\Michal\Downloads\adwcleaner (1).exe.phsnah0.partial
2014-03-12 08:22 - 2014-03-12 08:22 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Michal\Desktop\rkill.com

Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [IndexSearch] - C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] - C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-11-19] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKU\S-1-5-21-3533092108-3555067090-2871961856-1000\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-08-03] (Google Inc.)
HKU\S-1-5-21-3533092108-3555067090-2871961856-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Michal\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3533092108-3555067090-2871961856-1000\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

C:\ProgramData\Temp => ":430C6D84" ADS removed successfully.
C:\ProgramData\Temp => ":DFC5A2B2" ADS removed successfully.
C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cef0e53af5c5bd.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3533092108-3555067090-2871961856-1000Core1cef0ec598c3edb.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3533092108-3555067090-2871961856-1000UA.job => Moved successfully.
C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => Moved successfully.
C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => Moved successfully.
C:\Users\Michal\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\folders.txt => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Michal\Desktop\zoek.exe => Moved successfully.
C:\Users\Michal\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\Michal\Downloads\adwcleaner.exe.xwk1tb9.partial => Moved successfully.
C:\Users\Michal\Downloads\adwcleaner (1).exe.phsnah0.partial => Moved successfully.
C:\Users\Michal\Desktop\rkill.com => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{472734EA-242A-422B-ADF8-83D1E48CC825} => Value deleted successfully.
HKCR\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825} => Key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\IndexSearch => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\PaperPort PTD => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\PDFHook => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\PDF5 Registry Controller => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ControlCenter4 => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BrStsMon00 => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => Value deleted successfully.
HKU\S-1-5-21-3533092108-3555067090-2871961856-1000\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
HKU\S-1-5-21-3533092108-3555067090-2871961856-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => Value deleted successfully.
HKU\S-1-5-21-3533092108-3555067090-2871961856-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM => Value deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========

========= End of CMD: =========

==== End of Fixlog ====

#18 Příspěvek od **vyosek** » 21 bře 2014 12:26

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

MMMMM · #19 Příspěvek od **MMMMM** » 24 bře 2014 08:47

Moc děkuji za pomoc

#20 Příspěvek od **vyosek** » 25 bře 2014 08:36

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat

VIRY.CZ

Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu