VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Na fotkách jsou čtverečky...

https://forum.viry.cz:443/viewtopic.php?t=145897

Stránka 2 z 2

Re: Na fotkách jsou čtverečky...

Napsal: 04 zář 2015 12:17
od altrok
  • Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
  • ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
  • znovu spustte FRST a kliknete na Fix
  • po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
CloseProcesses:
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\...\Run: [FlashPlayerManager] => C:\Users\Péťa\AppData\Roaming\Adobe\nircmd.exe [43520 2012-10-29] (NirSoft)
File: C:\Users\Péťa\AppData\Roaming\Adobe\nircmd.exe
File: C:\Users\Péťa\AppData\Roaming\Adobe\FlashPlayerManager_11_3_280.exe
File: C:\Users\Péťa\AppData\Roaming\Adobe\start.bat
Folder: C:\Users\Péťa\AppData\Roaming\Adobe
File: C:\windows\system32\javaw.exe
C:\Users\Péťa\AppData\Local\Temp
End

Re: Na fotkách jsou čtverečky...

Napsal: 06 zář 2015 16:09
od Zemos
Fix result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by Péťa (2015-09-06 17:03:56) Run:1
Running from C:\Users\Péťa\Desktop\Programy
Loaded Profiles: Péťa (Available Profiles: Péťa & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\...\Run: [FlashPlayerManager] => C:\Users\Péťa\AppData\Roaming\Adobe\nircmd.exe [43520 2012-10-29] (NirSoft)
File: C:\Users\Péťa\AppData\Roaming\Adobe\nircmd.exe
File: C:\Users\Péťa\AppData\Roaming\Adobe\FlashPlayerManager_11_3_280.exe
File: C:\Users\Péťa\AppData\Roaming\Adobe\start.bat
Folder: C:\Users\Péťa\AppData\Roaming\Adobe
File: C:\windows\system32\javaw.exe
C:\Users\Péťa\AppData\Local\Temp
End
*****************

Processes closed successfully.
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\Software\Microsoft\Windows\CurrentVersion\Run\\FlashPlayerManager => value removed successfully

========================= File: C:\Users\Péťa\AppData\Roaming\Adobe\nircmd.exe ========================

File not signed
MD5: 466A42AEA0ABDF4C6B610F0F5E61CFA2
Creation and modification date: 2015-08-24 07:59 - 2012-10-29 20:08
Size: 0043520
Attributes: ----A
Company Name: NirSoft
Internal Name: NirCmd
Original Name: NirCmd.exe
Product: NirCmd
Description: NirCmd
File Version: 2.71
Product Version: 2.71
Copyright: Copyright © 2003 - 2012 Nir Sofer

====== End of File: ======


========================= File: C:\Users\Péťa\AppData\Roaming\Adobe\FlashPlayerManager_11_3_280.exe ========================

File not signed
MD5: 557C6D2E68679C65898A5CBF8F188087
Creation and modification date: 2015-08-24 07:59 - 2014-02-24 01:04
Size: 0494606
Attributes: ----N
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= File: C:\Users\Péťa\AppData\Roaming\Adobe\start.bat ========================

File not signed
MD5: BE977E7ACDFF83187401C44FFD392087
Creation and modification date: 2015-08-24 07:59 - 2015-04-21 22:38
Size: 0000165
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= Folder: C:\Users\Péťa\AppData\Roaming\Adobe ========================

2015-08-24 07:59 - 2014-02-10 19:20 - 0044727 _____ () C:\Users\Péťa\AppData\Roaming\Adobe\diablo130302.cl
2015-08-24 07:59 - 2014-02-10 19:20 - 0030802 _____ () C:\Users\Péťa\AppData\Roaming\Adobe\diakgcn121016.cl
2015-08-24 07:59 - 2014-02-24 01:04 - 0494606 ____N () C:\Users\Péťa\AppData\Roaming\Adobe\FlashPlayerManager_11_3_280.exe
2015-08-24 07:59 - 2014-02-10 19:20 - 0004758 _____ () C:\Users\Péťa\AppData\Roaming\Adobe\keccak130718.cl
2015-08-24 07:59 - 2014-02-10 19:18 - 0626176 ____N (The cURL library, http://curl.haxx.se/) C:\Users\Péťa\AppData\Roaming\Adobe\libcurl.dll
2015-08-24 07:59 - 2014-02-10 19:18 - 1704448 ____N (The OpenSSL Project, http://www.openssl.org/) C:\Users\Péťa\AppData\Roaming\Adobe\libeay32.dll
2015-08-24 07:59 - 2013-10-05 22:17 - 0112142 ____N () C:\Users\Péťa\AppData\Roaming\Adobe\libgcc_s_dw2-1.dll
2015-08-24 07:59 - 2014-02-10 19:18 - 0279955 ____N () C:\Users\Péťa\AppData\Roaming\Adobe\libidn-11.dll
2015-08-24 07:59 - 2010-06-11 12:48 - 0148760 ____N () C:\Users\Péťa\AppData\Roaming\Adobe\libpdcurses.dll
2015-08-24 07:59 - 2012-10-29 20:08 - 0043520 _____ (NirSoft) C:\Users\Péťa\AppData\Roaming\Adobe\nircmd.exe
2015-08-24 07:59 - 2014-02-10 19:20 - 0013062 _____ () C:\Users\Péťa\AppData\Roaming\Adobe\phatk121016.cl
2015-08-24 07:59 - 2014-02-10 19:20 - 0043810 _____ () C:\Users\Péťa\AppData\Roaming\Adobe\poclbm130302.cl
2015-08-24 07:59 - 2013-08-22 16:34 - 0119704 ____N (Open Source Software community LGPL) C:\Users\Péťa\AppData\Roaming\Adobe\pthreadGC2.dll
2015-08-24 07:59 - 2015-02-15 14:01 - 0499288 _____ (Alexander Roshal) C:\Users\Péťa\AppData\Roaming\Adobe\rar.exe
2015-08-24 07:59 - 2014-02-10 19:20 - 0023825 _____ () C:\Users\Péťa\AppData\Roaming\Adobe\scrypt130511.cl
2015-08-24 07:59 - 2015-04-21 22:39 - 1429989 _____ () C:\Users\Péťa\AppData\Roaming\Adobe\setup.rar
2015-08-24 07:59 - 2014-02-23 13:57 - 0021201 _____ () C:\Users\Péťa\AppData\Roaming\Adobe\skein.cl
2015-08-24 07:59 - 2014-02-10 19:18 - 0364544 ____N (The OpenSSL Project, http://www.openssl.org/) C:\Users\Péťa\AppData\Roaming\Adobe\ssleay32.dll
2015-08-24 07:59 - 2015-04-21 22:38 - 0000165 _____ () C:\Users\Péťa\AppData\Roaming\Adobe\start.bat
2015-08-24 07:59 - 2013-08-26 04:02 - 0131598 ____N () C:\Users\Péťa\AppData\Roaming\Adobe\zlib1.dll
2014-12-26 18:58 - 2014-12-26 19:00 - 0000000 ____D () C:\Users\Péťa\AppData\Roaming\Adobe\Flash Player
2014-12-26 19:00 - 2014-12-26 19:00 - 0000000 ____D () C:\Users\Péťa\AppData\Roaming\Adobe\Flash Player\AssetCache
2014-12-26 19:00 - 2014-12-26 19:00 - 0000000 ____D () C:\Users\Péťa\AppData\Roaming\Adobe\Flash Player\AssetCache\JAFSRVMB
2014-12-26 18:58 - 2015-06-12 18:26 - 0000000 ____D () C:\Users\Péťa\AppData\Roaming\Adobe\Flash Player\NativeCache
2015-06-12 18:26 - 2015-09-06 16:48 - 0000000 _____ () C:\Users\Péťa\AppData\Roaming\Adobe\Flash Player\NativeCache\NativeCache.directory

====== End of Folder: ======


========================= File: C:\windows\system32\javaw.exe ========================

File is digitally signed
MD5: 83EEFE83438AEF9FBB7613A106C5E5BB
Creation and modification date: 2015-01-07 18:49 - 2015-01-07 18:49
Size: 0189352
Attributes: ----A
Company Name: Oracle Corporation
Internal Name: javaw
Original Name: javaw.exe
Product: Java(TM) Platform SE 7 U51
Description: Java(TM) Platform SE binary
File Version: 7.0.510.13
Product Version: 7.0.510.13
Copyright: Copyright © 2013

====== End of File: ======

C:\Users\Péťa\AppData\Local\Temp => moved successfully


The system needed a reboot..

==== End of Fixlog 17:03:58 ====

Re: Na fotkách jsou čtverečky...

Napsal: 13 zář 2015 12:18
od altrok
Dobry den,

i posledni BitCoin miner byl zastaven, jake tedy v soucasnosti pozorujete problemy?

Re: Na fotkách jsou čtverečky...

Napsal: 14 zář 2015 05:43
od Zemos
Dobrý den. Už je vše v pořádku. Děkuji.

Re: Na fotkách jsou čtverečky...

Napsal: 14 zář 2015 07:59
od altrok
Takze jeste uklidime.
A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

Re: Na fotkách jsou čtverečky...

Napsal: 15 zář 2015 17:55
od Zemos
Dobrá. Děkuji.

Re: Na fotkách jsou čtverečky...

Napsal: 15 zář 2015 18:04
od altrok
Nemate zac, rad jsem pomohl :worship:


Mejte se krasne a treba zase nekdy :bye:
Všechny časy jsou v UTC+01:00
Stránka 2 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz