preventivna kontrola

[plasko]

Dobry den prajem, poprosil by som o kontrolu logu lebo som mal pozicany pc a rad by som si bol isty ci je vsetko v poriadku. Dakujem velmi pekne.

Prikladam log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2016
Ran by pc (administrator) on PC-PC (14-09-2016 19:16:54)
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available Profiles: pc)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\userinit.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrCtrCen.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1310720 2008-07-08] (Analog Devices, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [997408 2010-11-30] (Microsoft Corporation)
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2015-08-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 195.146.128.60 8.8.8.8
Tcpip\..\Interfaces\{56BEB0EA-30A6-4523-934D-1E9A6A11C2A1}: [DhcpNameServer] 195.146.128.60 8.8.8.8

Internet Explorer:
==================

FireFox:
========
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\9cm3vqz6.default
FF Homepage: hxxps://webtelem.cetelem.sk/logout.php
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-09]
CHR Extension: (Dokumenty Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-09]
CHR Extension: (Disk Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabuľky Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-09]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Ozuji) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilgbcnibfofoecdolalngcmbihhannen [2016-09-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-09]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-27]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736 2010-11-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [206360 2010-11-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [165264 2010-10-24] (Microsoft Corporation)
R3 MpNWMon; C:\Windows\System32\DRIVERS\MpNWMon.sys [43392 2010-10-24] (Microsoft Corporation)
U0 aswVmm; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-14 19:16 - 2016-09-14 19:17 - 00006733 _____ C:\Users\pc\Desktop\FRST.txt
2016-09-14 18:35 - 2016-09-14 19:16 - 00000000 ____D C:\FRST
2016-09-14 18:25 - 2016-09-14 18:25 - 01748992 _____ (Farbar) C:\Users\pc\Desktop\FRST.exe
2016-09-14 15:46 - 2016-09-14 15:45 - 00921280 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll
2016-09-14 15:43 - 2016-09-14 15:43 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-14 15:42 - 2016-09-14 15:43 - 06334848 _____ (AVAST Software) C:\Users\pc\Downloads\avast_free_antivirus_setup_online.exe
2016-09-14 08:45 - 2016-09-14 08:45 - 00155122 _____ C:\Users\pc\Downloads\2014_mala ziadost II.pdf
2016-09-13 10:16 - 2016-09-13 10:16 - 00027372 _____ C:\Users\pc\Desktop\kupna zmluva peugeot.odt
2016-09-13 09:06 - 2016-09-14 08:20 - 00000000 ____D C:\Users\pc\AppData\Local\FSDART
2016-09-13 09:06 - 2016-09-13 09:11 - 00000000 ____D C:\ProgramData\F-Secure
2016-09-13 09:06 - 2016-09-13 09:06 - 02743336 _____ (Facebook Inc.) C:\Users\pc\Downloads\Fsecure_T1249538661763889T_ (2).exe
2016-09-13 09:05 - 2016-09-13 09:06 - 02743336 _____ (Facebook Inc.) C:\Users\pc\Downloads\Fsecure_T1249538661763889T_ (1).exe
2016-09-13 09:04 - 2016-09-13 09:05 - 02743336 _____ (Facebook Inc.) C:\Users\pc\Downloads\Fsecure_T1249538661763889T_.exe
2016-09-10 09:31 - 2016-09-10 09:31 - 04619903 _____ C:\Users\pc\Desktop\zbozi-sk.xml
2016-09-10 09:30 - 2016-09-10 09:30 - 04876331 _____ C:\Users\pc\Desktop\read-comparators.xml
2016-09-10 09:08 - 2016-09-10 09:08 - 00000000 ____D C:\Program Files\Common Files\MSSoap
2016-09-07 12:57 - 2016-09-07 12:57 - 04374816 _____ C:\Users\pc\Desktop\doklady.pdf
2016-09-02 14:35 - 2016-09-02 14:35 - 00000000 ____D C:\Users\pc\Desktop\banka
2016-08-30 15:07 - 2016-08-30 15:07 - 00063626 _____ C:\Users\pc\Desktop\Objednavka THORMA sporak.ods
2016-08-30 14:17 - 2016-08-30 14:17 - 00610335 _____ C:\Users\pc\Downloads\summit.tif
2016-08-30 14:17 - 2016-08-30 14:17 - 00188072 _____ C:\Users\pc\Downloads\pe-brochure-aldt6-1.pdf
2016-08-26 09:39 - 2016-08-26 09:43 - 00000000 ____D C:\Users\pc\Desktop\auto
2016-08-25 08:41 - 2016-08-25 08:41 - 00000000 ____D C:\Users\pc\Desktop\sauna
2016-08-23 11:48 - 2016-08-23 11:48 - 00848440 _____ C:\Users\pc\Downloads\ziadost-o-prijatie-do-zamestnania (3).pdf
2016-08-23 11:48 - 2016-08-23 11:48 - 00514247 _____ C:\Users\pc\Desktop\ziadost SK.pdf
2016-08-23 11:47 - 2016-08-23 11:47 - 00848428 _____ C:\Users\pc\Downloads\ziadost-o-prijatie-do-zamestnania (2).pdf
2016-08-23 11:46 - 2016-08-23 11:46 - 00848685 _____ C:\Users\pc\Downloads\ziadost-o-prijatie-do-zamestnania (1).pdf
2016-08-23 11:45 - 2016-08-23 11:45 - 00848687 _____ C:\Users\pc\Downloads\ziadost-o-prijatie-do-zamestnania.pdf
2016-08-22 13:05 - 2016-08-22 13:05 - 00000000 ____D C:\Users\pc\Desktop\2016-08-22
2016-08-17 08:00 - 2016-07-08 17:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-16 10:23 - 2016-08-31 14:23 - 00000000 ____D C:\Users\pc\Desktop\italy 20016-2
2016-08-15 08:29 - 2016-08-15 08:29 - 00035402 _____ C:\Users\pc\Downloads\3100234_00053.zip
2016-08-15 08:29 - 2016-08-15 08:29 - 00035214 _____ C:\Users\pc\Downloads\3100234_00064.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-14 19:16 - 2015-07-09 11:23 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-14 19:16 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-14 18:53 - 2015-07-09 11:23 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-14 18:27 - 2009-07-14 06:34 - 00014800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-14 18:27 - 2009-07-14 06:34 - 00014800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-14 18:26 - 2015-05-06 12:19 - 00717260 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-14 18:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-09-10 09:34 - 2016-07-28 14:15 - 00000000 ____D C:\Users\pc\AppData\Roaming\Notepad++
2016-08-18 09:14 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache

Some files in TEMP:
====================
C:\Users\pc\AppData\Local\Temp\avgnt.exe
C:\Users\pc\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-09-05 08:32

==================== End of FRST.txt ============================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[plasko]

prikladam log z adw:

# AdwCleaner v6.020 - *Logfile created 23/09/2016 *at 15:35:00
# *Updated on 14/09/2016 by ToolsLib
# *Database : 2016-09-22.1 [*Server]
# *Operating System : Windows 7 Home Premium Service Pack 1 (X86)
# *Username : pc - PC-PC
# *Running from : C:\Users\pc\Downloads\adwcleaner_6.020.exe
# *Mode: Clean
# *Support : https://toolslib.net/forum



***** [ *Services ] *****



***** [ *Folders ] *****



***** [ *Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****



***** [ *Registry ] *****



***** [ *Browsers ] *****



*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [765 *Bytes] - [23/09/2016 15:35:00]
C:\AdwCleaner\AdwCleaner[S0].txt - [1171 *Bytes] - [23/09/2016 15:33:41]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [912 *Bytes] ##########

[Rudy]

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
CHR Extension: (Ozuji) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilgbcnibfofoecdolalngcmbihhannen [2016-09-13]
U0 aswVmm; no ImagePath
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\pc\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.