Stránka 2 z 3
Re: Mam problém s PC nemůžu nic.
Napsal: 16 led 2013 21:49
od vyosek
Na zdravem PC stahnete
Farbar Recovery Scan Tool http://www.bleepingcomputer.com/downloa ... scan-tool/
- Ulozte na nejaky flash disk, primo na jeho koren
Na poskozenem PC nabootujte Nouzovy rezim s prikazovym radkem MS-DOS
Nyni si zjisteme pismeno flash disku
- Zadejte prikaz notepad a odenterujte
- Otebre se poznamkovy blok (notepad)
- Dejte Soubor --> Otevrit --> najdete tento pocitac a otevrete USB klic je FRST ulozeny
- Podivejte se, jake pismeno ma USB klic (F:\, G:\ apod)
- Zavrete notepad krizkem
Ted si ziskame log
- Pokud mate stazeny FRST pro 64 bit OS, tak se jmenuje FRST64.exe a je nutne jej tak zadat
- Zadejte prikaz "pismeno disku":\FRST.exe a odenterujte (napr. F:\FRST.exe)
- Spusti se FRST
- Spuste prohledavani kliknutim na Scan
- Po chvili se vytvori na flash disku log FRST.exe
- Ten mi sem vlozte pres zdravy PC
Re: Mam problém s PC nemůžu nic.
Napsal: 16 led 2013 22:09
od NeedHelp
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2013
Ran by Honza at 16-01-2013 22:02:26
Running from K:\
Service Pack 1 (X86) OS Language: Czech
Attention: Could not load system hive.
Chyba: Proces nem pýˇstup k souboru, neboś jej pr vŘ vyu§ˇv jině proces.
ATTENTION:=====> THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNCTION PROPERLY.
==================== One Month Created Files and Folders ========
2013-01-16 22:02 - 2013-01-16 22:02 - 00000000 ____D C:\FRST
2013-01-16 21:27 - 2013-01-16 21:30 - 00000000 ____D C:\users\blllaaa
2013-01-16 21:27 - 2013-01-16 21:27 - 00000020 ___SH C:\Users\blllaaa\ntuser.ini
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Šablony
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Soubory cookie
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Poslední
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Okolní tiskárny
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Okolní síť
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Nabídka Start
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Dokumenty
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Documents\Obrázky
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Documents\Hudba
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Documents\Filmy
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Data aplikací
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\AppData\Local\Data aplikací
2013-01-16 21:27 - 2012-11-20 16:56 - 00000000 ____D C:\Users\blllaaa\AppData\Local\Microsoft Help
2013-01-16 20:06 - 2013-01-16 20:06 - 00002111 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-01-16 20:06 - 2012-10-30 23:51 - 00738504 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-01-16 20:06 - 2012-10-30 23:51 - 00361032 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-01-16 20:06 - 2012-10-30 23:51 - 00058680 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-01-16 20:06 - 2012-10-30 23:51 - 00054232 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-01-16 20:06 - 2012-10-30 23:51 - 00021256 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-01-16 20:06 - 2012-10-15 17:59 - 00044784 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2013-01-16 20:05 - 2013-01-16 20:05 - 00000000 ____D C:\Users\All Users\AVAST Software
2013-01-16 20:05 - 2013-01-16 20:05 - 00000000 ____D C:\Program Files\AVAST Software
2013-01-16 20:05 - 2012-10-30 23:51 - 00041224 ____A (AVAST Software) C:\Windows\avastSS.scr
2013-01-16 20:05 - 2012-10-30 23:50 - 00227648 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-01-16 20:03 - 2013-01-17 19:59 - 97495576 ____A C:\Users\Honza\Desktop\avast_free_antivirus_setup.exe
2013-01-15 18:00 - 2013-01-15 18:00 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-01-15 12:04 - 2013-01-15 12:04 - 00000000 ____D C:\Windows\pss
2013-01-14 13:47 - 2013-01-16 21:37 - 95023320 ___AT C:\Users\All Users\dsgsdgdsgdsgw.pad
2013-01-14 13:47 - 2013-01-16 21:29 - 00002891 ____A C:\Users\All Users\dsgsdgdsgdsgw.js
2013-01-14 13:47 - 2013-01-14 13:47 - 00143360 ____A (Microsoft Corporation) C:\Users\Honza\wgsdgsdgdsgsd.exe
2013-01-09 20:41 - 2012-12-07 13:26 - 00308736 ____A (Microsoft Corporation) C:\Windows\System32\Wpc.dll
2013-01-09 20:41 - 2012-12-07 13:20 - 02576384 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll
2013-01-09 20:41 - 2012-12-07 11:46 - 00055296 ____A (Microsoft) C:\Windows\System32\cero.rs
2013-01-09 20:41 - 2012-12-07 11:46 - 00051712 ____A (Microsoft) C:\Windows\System32\esrb.rs
2013-01-09 20:41 - 2012-12-07 11:46 - 00046592 ____A (Microsoft) C:\Windows\System32\fpb.rs
2013-01-09 20:41 - 2012-12-07 11:46 - 00045568 ____A (Microsoft) C:\Windows\System32\oflc-nz.rs
2013-01-09 20:41 - 2012-12-07 11:46 - 00044544 ____A (Microsoft) C:\Windows\System32\pegibbfc.rs
2013-01-09 20:41 - 2012-12-07 11:46 - 00043520 ____A (Microsoft) C:\Windows\System32\csrr.rs
2013-01-09 20:41 - 2012-12-07 11:46 - 00040960 ____A (Microsoft) C:\Windows\System32\cob-au.rs
2013-01-09 20:41 - 2012-12-07 11:46 - 00030720 ____A (Microsoft) C:\Windows\System32\usk.rs
2013-01-09 20:41 - 2012-12-07 11:46 - 00023552 ____A (Microsoft) C:\Windows\System32\oflc.rs
2013-01-09 20:41 - 2012-12-07 11:46 - 00021504 ____A (Microsoft) C:\Windows\System32\grb.rs
2013-01-09 20:41 - 2012-12-07 11:46 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-pt.rs
2013-01-09 20:41 - 2012-12-07 11:46 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-fi.rs
2013-01-09 20:41 - 2012-12-07 11:46 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi.rs
2013-01-09 20:41 - 2012-12-07 11:46 - 00015360 ____A (Microsoft) C:\Windows\System32\djctq.rs
2013-01-09 20:41 - 2012-11-30 05:53 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-01-09 20:41 - 2012-11-30 05:47 - 00868352 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-01-09 20:41 - 2012-11-30 05:47 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 03:55 - 00271360 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-01-09 20:41 - 2012-11-30 03:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 03:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 03:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 03:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-01-09 20:41 - 2012-11-30 00:17 - 00420064 ____A C:\Windows\System32\locale.nls
2013-01-09 20:41 - 2012-11-23 03:56 - 02345984 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-01-09 20:41 - 2012-11-22 05:45 - 00626688 ____A (Microsoft Corporation) C:\Windows\System32\usp10.dll
2013-01-09 20:41 - 2012-11-09 05:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-01-09 20:41 - 2012-11-01 05:47 - 01389568 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-01-09 20:40 - 2012-11-23 03:48 - 00049152 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2013-01-09 20:40 - 2012-11-20 05:51 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2013-01-02 20:44 - 2013-01-02 22:43 - 1450015602 ____A C:\Users\Honza\Downloads\zaloha.gz
2013-01-02 20:32 - 2013-01-02 20:35 - 00115600 ____A C:\Users\Honza\Downloads\vii.pptx
2013-01-01 10:52 - 2013-01-01 10:52 - 00000000 ____D C:\Users\Honza\Desktop\cigarety
2012-12-30 16:24 - 2012-12-30 16:24 - 00000000 ____D C:\Users\Honza\AppData\Local\Macromedia
2012-12-28 22:45 - 2012-12-28 22:45 - 00000000 ____D C:\Users\Honza\AppData\Roaming\NVIDIA
2012-12-20 23:50 - 2012-12-16 15:13 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-12-20 23:50 - 2012-12-16 15:13 - 00034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-18 14:30 - 2013-01-16 20:40 - 00000914 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-12-17 19:55 - 2011-02-19 07:30 - 00805376 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2012-12-17 19:55 - 2011-02-19 07:30 - 00739840 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2012-12-17 19:41 - 2012-12-17 19:41 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2012-12-17 19:41 - 2012-12-17 19:41 - 00000000 ____D C:\Users\Honza\AppData\Roaming\InstallShield
2012-12-17 19:41 - 2012-12-17 19:41 - 00000000 ____D C:\Program Files\ASUS
2012-12-17 19:41 - 2010-09-07 14:27 - 00028672 ____A (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\System32\Drivers\PcaSp60.sys
2012-12-17 19:41 - 2006-11-28 21:46 - 00052800 ____A (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\System32\Drivers\PCASp50.sys
2012-12-17 19:41 - 2006-11-28 21:46 - 00041280 ____A (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\System32\Drivers\PCASp50a64.sys
2012-12-17 19:41 - 2003-04-21 21:46 - 00061440 ____A (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\System32\ASIW32N50.dll
2012-12-17 19:41 - 2002-09-10 19:35 - 00016302 ____A (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\System32\ASINDIS5.sys
2012-12-17 19:41 - 2001-04-16 05:48 - 00015577 ____A C:\Windows\System32\ASINDIS3.vxd
==================== One Month Modified Files and Folders ========
2013-01-17 19:59 - 2013-01-16 20:03 - 97495576 ____A C:\Users\Honza\Desktop\avast_free_antivirus_setup.exe
2013-01-16 22:02 - 2013-01-16 22:02 - 00000000 ____D C:\FRST
2013-01-16 21:37 - 2013-01-14 13:47 - 95023320 ___AT C:\Users\All Users\dsgsdgdsgdsgw.pad
2013-01-16 21:36 - 2012-11-18 16:48 - 00000000 ____D C:\Users\All Users\NVIDIA
2013-01-16 21:36 - 2009-07-14 05:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-01-16 21:36 - 2009-07-14 05:39 - 00035949 ____A C:\Windows\setupact.log
2013-01-16 21:34 - 2012-11-18 16:27 - 01180739 ____A C:\Windows\WindowsUpdate.log
2013-01-16 21:30 - 2013-01-16 21:27 - 00000000 ____D C:\users\blllaaa
2013-01-16 21:29 - 2013-01-14 13:47 - 00002891 ____A C:\Users\All Users\dsgsdgdsgdsgw.js
2013-01-16 21:27 - 2013-01-16 21:27 - 00000020 ___SH C:\Users\blllaaa\ntuser.ini
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Šablony
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Soubory cookie
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Poslední
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Okolní tiskárny
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Okolní síť
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Nabídka Start
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Dokumenty
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Documents\Obrázky
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Documents\Hudba
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Documents\Filmy
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\Data aplikací
2013-01-16 21:27 - 2013-01-16 21:27 - 00000000 __SHD C:\Users\blllaaa\AppData\Local\Data aplikací
2013-01-16 20:56 - 2009-07-14 05:34 - 00021472 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-01-16 20:56 - 2009-07-14 05:34 - 00021472 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-01-16 20:40 - 2012-12-18 14:30 - 00000914 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-01-16 20:06 - 2013-01-16 20:06 - 00002111 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-01-16 20:06 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-01-16 20:06 - 2009-07-14 03:04 - 00002577 ____A C:\Windows\System32\config.nt
2013-01-16 20:05 - 2013-01-16 20:05 - 00000000 ____D C:\Users\All Users\AVAST Software
2013-01-16 20:05 - 2013-01-16 20:05 - 00000000 ____D C:\Program Files\AVAST Software
2013-01-16 20:02 - 2012-11-18 16:52 - 00000962 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2119101845-1436983725-514995877-1000UA.job
2013-01-15 18:10 - 2012-12-15 11:13 - 00000000 ____D C:\Users\Honza\Desktop\listopad
2013-01-15 18:10 - 2012-12-15 08:04 - 00000000 ____D C:\Users\Honza\Desktop\COOL
2013-01-15 18:10 - 2012-12-05 13:59 - 00000000 ____D C:\Users\Honza\Desktop\obrazky
2013-01-15 18:00 - 2013-01-15 18:00 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-01-15 12:04 - 2013-01-15 12:04 - 00000000 ____D C:\Windows\pss
2013-01-14 13:47 - 2013-01-14 13:47 - 00143360 ____A (Microsoft Corporation) C:\Users\Honza\wgsdgsdgdsgsd.exe
2013-01-14 13:47 - 2012-11-18 16:26 - 00000000 ____D C:\users\Honza
2013-01-14 12:10 - 2010-11-20 22:01 - 01478586 ____A C:\Windows\System32\PerfStringBackup.INI
2013-01-13 17:02 - 2012-11-18 16:52 - 00000910 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2119101845-1436983725-514995877-1000Core.job
2013-01-11 22:06 - 2012-11-18 16:55 - 00002326 ____A C:\Users\Honza\Desktop\Google Chrome.lnk
2013-01-10 14:16 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-01-10 13:50 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-01-10 13:03 - 2009-07-14 05:33 - 00408520 ____A C:\Windows\System32\FNTCACHE.DAT
2013-01-09 21:30 - 2012-11-19 16:42 - 00000000 ____D C:\Users\All Users\Microsoft Help
2013-01-09 21:28 - 2012-11-18 18:16 - 65273848 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-01-09 20:32 - 2010-11-20 22:48 - 00012018 ____A C:\Windows\PFRO.log
2013-01-08 22:37 - 2012-11-18 21:57 - 00697864 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-01-08 22:37 - 2012-11-18 21:57 - 00074248 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-01-02 22:43 - 2013-01-02 20:44 - 1450015602 ____A C:\Users\Honza\Downloads\zaloha.gz
2013-01-02 20:35 - 2013-01-02 20:32 - 00115600 ____A C:\Users\Honza\Downloads\vii.pptx
2013-01-02 12:18 - 2012-11-20 18:37 - 00000000 ____D C:\Users\Honza\Documents\Soubory aplikace Outlook
2013-01-01 10:52 - 2013-01-01 10:52 - 00000000 ____D C:\Users\Honza\Desktop\cigarety
2012-12-31 16:35 - 2012-11-18 19:47 - 00000000 ____D C:\Users\Honza\Desktop\dtb
2012-12-30 16:24 - 2012-12-30 16:24 - 00000000 ____D C:\Users\Honza\AppData\Local\Macromedia
2012-12-29 15:36 - 2012-11-18 16:38 - 00000000 ____D C:\Program Files\WinRAR
2012-12-28 22:45 - 2012-12-28 22:45 - 00000000 ____D C:\Users\Honza\AppData\Roaming\NVIDIA
2012-12-20 23:18 - 2012-11-18 17:00 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2012-12-19 19:50 - 2012-12-15 14:51 - 00000000 ____D C:\Program Files\Mozilla Firefox
2012-12-17 19:43 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\DriverStore
2012-12-17 19:41 - 2012-12-17 19:41 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2012-12-17 19:41 - 2012-12-17 19:41 - 00000000 ____D C:\Users\Honza\AppData\Roaming\InstallShield
2012-12-17 19:41 - 2012-12-17 19:41 - 00000000 ____D C:\Program Files\ASUS
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Memory info ===========================
Percentage of memory in use: 14%
Total physical RAM: 2046.49 MB
Available physical RAM: 1740.95 MB
Total Pagefile: 4092.98 MB
Available Pagefile: 3817.22 MB
Total Virtual: 2047.88 MB
Available Virtual: 1918.56 MB
==================== Partitions =============================
1 Drive c: () (Fixed) (Total:297.99 GB) (Free:118.56 GB) NTFS
2 Drive d: () (Fixed) (Total:298.08 GB) (Free:28.33 GB) NTFS
9 Drive k: (USB) (Removable) (Total:7.47 GB) (Free:2.39 GB) FAT32
Disk ### Stav Velikost Voln‚ Dyn Gpt
-------- ------------- -------- ------- --- ---
Disk 0 Online 298 GB 8 MB
Disk 1 Online 298 GB 0 B
Disk 2 ¦ dn‚ m‚dium 0 B 0 B
Disk 3 ¦ dn‚ m‚dium 0 B 0 B
Disk 4 ¦ dn‚ m‚dium 0 B 0 B
Disk 5 ¦ dn‚ m‚dium 0 B 0 B
Disk 6 Online 7667 MB 0 B
Probˇh ukonźenˇ programu DiskPart...
Partitions of Disk 0:
===============
Nynˇ je vybr n disk 0.
Oddˇl ### Typ Velikost Posunutˇ
------------- ---------------- -------- --------
Oddˇl 1 Prim rnˇ 298 GB 31 KB
Probˇh ukonźenˇ programu DiskPart...
=========================================================
Partitions of Disk 1:
===============
Nynˇ je vybr n disk 1.
Oddˇl ### Typ Velikost Posunutˇ
------------- ---------------- -------- --------
Oddˇl 1 Prim rnˇ 100 MB 1024 KB
Oddˇl 2 Prim rnˇ 297 GB 101 MB
Probˇh ukonźenˇ programu DiskPart...
=========================================================
Partitions of Disk 6:
===============
Nynˇ je vybr n disk 6.
Oddˇl ### Typ Velikost Posunutˇ
------------- ---------------- -------- --------
Oddˇl 1 Prim rnˇ 7662 MB 5100 KB
Probˇh ukonźenˇ programu DiskPart...
=========================================================
Last Boot: 2013-01-14 12:42
==================== End Of Log ============================
Re: Mam problém s PC nemůžu nic.
Napsal: 16 led 2013 22:17
od vyosek
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
2013-01-14 13:47 - 2013-01-16 21:37 - 95023320 ___AT C:\Users\All Users\dsgsdgdsgdsgw.pad
2013-01-14 13:47 - 2013-01-16 21:29 - 00002891 ____A C:\Users\All Users\dsgsdgdsgdsgw.js
2013-01-14 13:47 - 2013-01-14 13:47 - 00143360 ____A (Microsoft Corporation) C:\Users\Honza\wgsdgsdgdsgsd.exe
CMD: del "%AppData%\Local\Microsoft\Windows\runctf.lnk"
CMD: del "%AppData%\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk"
CMD: del "%AppData%\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk"
CMD: del "%AppData%\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.lnk"
- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny log na flashku k FRST
Spustte znovu FRST.exe na tom poskozenem PC
- Kliknete na Fix
- Probehne oprava a na flash disku se vytvori log Fixlog.txt
Pokuste se nastartovat do bezneho rezimu
Re: Mam problém s PC nemůžu nic.
Napsal: 16 led 2013 22:25
od NeedHelp
Log vytvořen, a systém se normálně spustil bez té pochybné hlášky od policie co dál ?
Re: Mam problém s PC nemůžu nic.
Napsal: 16 led 2013 22:32
od vyosek
Na flesce je log Fixlog.txt, ten mi sem dejte
Udelejte tyto kroky
http://forum.viry.cz/viewtopic.php?f=13 ... 0#p1183543 (RSIT, RKill, ComboFix)
Re: Mam problém s PC nemůžu nic.
Napsal: 16 led 2013 22:41
od NeedHelp
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 15-01-2013
Ran by Honza at 2013-01-16 22:22:47 Run:1
Running from K:\
ATTENTION: THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNCTION PROPERLY.
==============================================
C:\Users\All Users\dsgsdgdsgdsgw.pad moved successfully.
C:\Users\All Users\dsgsdgdsgdsgw.js moved successfully.
C:\Users\Honza\wgsdgsdgdsgsd.exe moved successfully.
========= del "%AppData%\Local\Microsoft\Windows\runctf.lnk" =========
Syst‚m nem…§e nal‚zt uvedenou cestu.
========= End of CMD: =========
========= del "%AppData%\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk" =========
Syst‚m nem…§e nal‚zt uvedenou cestu.
========= End of CMD: =========
========= del "%AppData%\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk" =========
Syst‚m nem…§e nal‚zt uvedenou cestu.
========= End of CMD: =========
========= del "%AppData%\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.lnk" =========
Syst‚m nem…§e nal‚zt uvedenou cestu.
========= End of CMD: =========
==== End of Fixlog ====
Re: Mam problém s PC nemůžu nic.
Napsal: 16 led 2013 22:43
od vyosek
OK, nahrnte mi sem postupne jeste ty tri logy (RSIT, RKill, CF), ja pak napisu dalsi postup
Re: Mam problém s PC nemůžu nic.
Napsal: 16 led 2013 22:49
od NeedHelp
Pracuju na tom, chvilučku mi to bude trvat, tak prosím o trpělivost děkuji.
Re: Mam problém s PC nemůžu nic.
Napsal: 16 led 2013 22:50
od NeedHelp
Ten RSIT, me nechce pustit přes krok I acept
Re: Mam problém s PC nemůžu nic.
Napsal: 16 led 2013 23:01
od vyosek
OK, pokracujte dale rkillem a CF
Re: Mam problém s PC nemůžu nic.
Napsal: 16 led 2013 23:06
od NeedHelp
Spustil jsem Rkill.
Re: Mam problém s PC nemůžu nic.
Napsal: 16 led 2013 23:06
od NeedHelp
Rkill :
Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 01/16/2013 11:05:24 PM in x86 mode.
Windows Version: Windows 7 Ultimate Service Pack 1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* C:\Users\Honza\Desktop\RSIT.exe (PID: 2664) [UP-HEUR]
1 proccess terminated!
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* Služba WMI (Winmgmt) is not Running.
Startup Type set to: Automatic
* Centrum zabezpečení (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)
* Winmgmt => C:\Users\Honza\wgsdgsdgdsgsd.exe [Incorrect ServiceDLL]
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* No issues found.
Program finished at: 01/16/2013 11:06:04 PM
Execution time: 0 hours(s), 0 minute(s), and 40 seconds(s)
Re: Mam problém s PC nemůžu nic.
Napsal: 16 led 2013 23:07
od vyosek
OK, jeste si pockam na ComboFix
Re: Mam problém s PC nemůžu nic.
Napsal: 16 led 2013 23:09
od NeedHelp
Spustil jsem Combofix, chvíly to něco dělalo tak pár sekund a pak to celé se zavřelo a nic dál
Re: Mam problém s PC nemůžu nic.
Napsal: 16 led 2013 23:11
od vyosek
Stahnete
RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
- Ukoncete vsechny programy
- Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
- Pockejte na dokonceni PreScanu
- Zvolte moznost Prohledat (scan)
- Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
- Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452