Preventivka (poslední dobou je PC "jiný")

Zpráva

Chess · #31 Příspěvek od **Chess** » 03 pro 2013 17:49

Asi budu vypadat jak "lama", ale myslíš přehrávání z HDD, jakože třeba přehrávání filmu? Jestli ano, tak to funguje nooo...

S tím IE8 máš pravdu, už jsem nad tím dumala a ještě než jsi odepsal, tak jsem se do toho pustila...ale je mi divné, že jsem dala instalaci i s aktualizacemi a už je to asi 15 minut a furt to "jede"..."Stahování aktualizací pro aplikaci Windows Internet Explorer 8 a pořád tam běhá zelený proužek...snad se to neseklo

Ale když jsem se mrkla na Aplikace, tak furt "Spuštěno".

Na Firefox kouknu později, až uvidím co ten IE8.

Mno, popravdě celou dobu píšu já (ženská)...nevím proč, zaregistrovala jsem se pod chlapskou přezdívkou, tak jsem se za něj chvíli vydávala

...Takže novinka, už mi ani nejdou instalace...zkoušela jsem dvakrát instalovat IE8, jednou s aktualizacemi, podruhé bez, ani jednou se to nepovedlo, pořád tam běhá ten zelený proužek, tak jsem dala přes CTRL ALT DELETE ukončit a bylo tam program neodpovídá...to samé bylo s instalací jednoho doplňku ve Firefoxu...zkusila jsem tedy stáhnout Operu, ta nainstalovat šla, ale je to to samé co se týká rychlosti prohlížeče, hraní na Hry.cz...

...pomoc, je to čím dál horší s tím mým počítačem

#32 Příspěvek od **cernohous13** » 04 pro 2013 07:41

Dej log podle tohoto návodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

#33 Příspěvek od **JaRon** » 04 pro 2013 10:00

+ pridam:
- vloz este log z MBAR http://www.malwarebytes.org/products/mbar/
- s prikazoveho riadku spust sfc /scannow

Chess · #34 Příspěvek od **Chess** » 05 pro 2013 12:26

cernohous13 píše:Dej log podle tohoto návodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

Stažení FRSTLauncheru - nelze, v odkazu mi to píše, Stránka vyosek.ic.cz byla dočasně zablokována pro porušení platných právních předpisů ČR nebo porušení pravidel (nadmerna zatez serveru, chyba v PHP kodu strany a pod.) webhostingu InternetCentrum IC.cz kde je stránka umístěna.

#35 Příspěvek od **JaRon** » 05 pro 2013 13:17

pokial sa to vyriesi vloz log MBAR

Chess · #36 Příspěvek od **Chess** » 05 pro 2013 14:34

JaRon píše:+ pridam:
- vloz este log z MBAR http://www.malwarebytes.org/products/mbar/
- s prikazoveho riadku spust sfc /scannow

Malwarebytes Anti-Rootkit BETA 1.07.0.1007
www.malwarebytes.org

Database version: v2013.12.05.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
PC :: MUJ-PC [administrator]

5.12.2013 12:31:18
mbar-log-2013-12-05 (12-31-18).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 197287
Time elapsed: 36 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

ad.2) To jsem udělala a nic se nestalo

#37 Příspěvek od **JaRon** » 05 pro 2013 14:42

pockame este na FRST log, ale mam pocit, ze to smeruje k opravnej instalacii Win -R

#38 Příspěvek od **cernohous13** » 05 pro 2013 15:01

Stáhni spusť http://www.bleepingcomputer.com/downloa ... scan-tool/
log FRST.txt nám zkopíruj

Chess · #39 Příspěvek od **Chess** » 05 pro 2013 16:50

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-12-2013 01
Ran by PC (administrator) on MUJ-PC on 05-12-2013 16:24:53
Running from C:\Documents and Settings\PC\Plocha
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] - nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\RunOnce: [ (A0)] - cmd /c "C:\Documents and Settings\PC\Plocha\mbar\mbar.exe" /rdv /s [1170744 2013-10-08] (Malwarebytes Corporation)
HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe"

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDow ... rtScan.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8466944 2012-06-08] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 94.74.192.252 94.74.192.244

FireFox:
========
FF ProfilePath: C:\Documents and Settings\PC\Data aplikací\Mozilla\Firefox\Profiles\jgnygkd2.default
FF Homepage: www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1206147.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\PC\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\PC\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Extension: (Google Docs) - C:\Documents and Settings\PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Documents and Settings\PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Documents and Settings\PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Documents and Settings\PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Documents and Settings\PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Documents and Settings\PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

========================== Services (Whitelisted) =================

==================== Drivers (Whitelisted) ====================

S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5315 2005-05-17] (Cisco Systems, Inc.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
R3 gameenum; C:\Windows\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
R3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [47064 2013-12-05] (Malwarebytes Corporation)
R3 ms_mpu401; C:\Windows\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 nvax; C:\Windows\System32\drivers\nvax.sys [13056 2002-12-05] (NVIDIA Corporation)
R3 NVENET; C:\Windows\System32\DRIVERS\NVENET.sys [80896 2002-09-23] (NVIDIA Corporation)
R0 nvidesm; C:\Windows\System32\drivers\nvidesm.sys [20224 2002-11-13] (NVIDIA Corporation)
R3 nvnforce; C:\Windows\System32\drivers\nvapu.sys [241664 2002-12-05] (NVIDIA Corporation)
R0 nv_agp; C:\Windows\System32\DRIVERS\nv_agp.sys [13568 2002-09-06] (NVIDIA Corporation)
R3 SISNIC; C:\Windows\System32\DRIVERS\sisnic.sys [32768 2004-08-03] (SiS Corporation)
S3 catchme; \??\C:\DOCUME~1\PC\LOCALS~1\Temp\catchme.sys [x]
S4 IntelIde; No ImagePath
U5 MBAMSwissArmy; C:\Windows\System32\Drivers\MBAMSwissArmy.sys [105176 2013-12-05] (Malwarebytes Corporation)
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-05 16:24 - 2013-12-05 16:29 - 00009113 _____ C:\Documents and Settings\PC\Plocha\FRST.txt
2013-12-05 16:18 - 2013-12-05 16:18 - 00000000 ____D C:\FRST
2013-12-05 13:44 - 2013-12-05 13:44 - 00003928 _____ C:\WINDOWS\KB2719985.log
2013-12-05 13:43 - 2013-12-05 13:43 - 00000000 ____D C:\WINDOWS\LastGood
2013-12-05 12:30 - 2013-12-05 14:28 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)
2013-12-05 12:30 - 2013-12-05 12:30 - 00105176 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2013-12-05 12:29 - 2013-12-05 12:29 - 00047064 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2013-12-05 12:28 - 2013-12-05 14:28 - 00000000 ____D C:\Documents and Settings\PC\Plocha\mbar
2013-12-05 12:28 - 2013-12-05 12:28 - 12576792 _____ (Malwarebytes Corp.) C:\Documents and Settings\PC\Plocha\mbar-1.07.0.1007.exe
2013-12-05 12:25 - 2013-12-05 12:25 - 01092683 _____ (Farbar) C:\Documents and Settings\PC\Plocha\FRST.exe
2013-12-03 18:11 - 2013-12-04 16:39 - 00000000 ____D C:\Documents and Settings\PC\Data aplikací\Opera Software
2013-12-03 18:11 - 2013-12-03 18:11 - 00000000 ____D C:\Documents and Settings\PC\Local Settings\Data aplikací\Opera Software
2013-12-03 18:10 - 2013-12-04 16:40 - 00000000 ____D C:\Program Files\Opera
2013-12-03 18:08 - 2013-12-03 18:41 - 00004275 _____ C:\WINDOWS\ie8.log
2013-12-03 17:16 - 2013-12-03 18:08 - 00025280 _____ C:\WINDOWS\ie8_main.log
2013-12-02 17:49 - 2013-12-02 17:49 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-02 17:49 - 2013-12-02 17:49 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-12-02 17:48 - 2013-12-02 17:48 - 17822088 _____ (Adobe Systems Incorporated) C:\Documents and Settings\PC\Plocha\install_flash_player.exe
2013-12-02 16:09 - 2013-12-02 16:10 - 00830344 _____ (Adobe Systems Incorporated) C:\Documents and Settings\PC\Plocha\uninstall_flash_player.exe
2013-12-01 19:42 - 2013-12-01 19:42 - 00000000 ____D C:\_OTM
2013-12-01 19:27 - 2013-12-01 19:27 - 00522240 _____ (OldTimer Tools) C:\Documents and Settings\PC\Plocha\OTM.exe
2013-12-01 11:48 - 2013-12-01 11:49 - 00781383 _____ C:\Documents and Settings\PC\Plocha\RSIT.exe
2013-11-30 14:38 - 2013-11-30 14:38 - 00000236 _____ C:\WINDOWS\DtcInstall.log
2013-11-30 14:37 - 2013-11-30 14:37 - 00000187 _____ C:\WINDOWS\spupdsvc.log.1.log
2013-11-30 14:32 - 2013-11-30 14:32 - 00004951 _____ C:\WINDOWS\KB957095.log
2013-11-30 14:32 - 2013-11-30 14:32 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB957095$
2013-11-30 14:31 - 2013-11-30 14:32 - 00004956 _____ C:\WINDOWS\KB956841.log
2013-11-30 14:31 - 2013-11-30 14:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB956841$
2013-11-30 14:31 - 2013-11-30 14:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB956803$
2013-11-30 14:30 - 2013-11-30 14:31 - 00004952 _____ C:\WINDOWS\KB956803.log
2013-11-30 14:30 - 2013-11-30 14:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB954211$
2013-11-30 14:29 - 2013-11-30 14:30 - 00004952 _____ C:\WINDOWS\KB954211.log
2013-11-30 14:29 - 2013-11-30 14:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB952954$
2013-11-30 14:28 - 2013-11-30 14:29 - 00004951 _____ C:\WINDOWS\KB952954.log
2013-11-30 14:28 - 2013-11-30 14:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB952287$
2013-11-30 14:27 - 2013-11-30 14:28 - 00004952 _____ C:\WINDOWS\KB952287.log
2013-11-30 14:27 - 2013-11-30 14:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951748$
2013-11-30 14:26 - 2013-11-30 14:27 - 00005246 _____ C:\WINDOWS\KB951748.log
2013-11-30 14:26 - 2013-11-30 14:26 - 00003678 _____ C:\WINDOWS\KB951698.log
2013-11-30 14:26 - 2013-11-30 14:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951698$
2013-11-30 14:25 - 2013-11-30 14:25 - 00003700 _____ C:\WINDOWS\KB951376-v2.log
2013-11-30 14:25 - 2013-11-30 14:25 - 00001070 _____ C:\WINDOWS\KB951072-v2.log
2013-11-30 14:25 - 2013-11-30 14:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951376-v2$
2013-11-30 14:24 - 2013-11-30 14:25 - 00003676 _____ C:\WINDOWS\KB951066.log
2013-11-30 14:24 - 2013-11-30 14:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951066$
2013-11-30 14:24 - 2013-11-30 14:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB950974$
2013-11-30 14:23 - 2013-11-30 14:24 - 00003675 _____ C:\WINDOWS\KB950974.log
2013-11-30 14:23 - 2013-11-30 14:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB950762$
2013-11-30 14:22 - 2013-11-30 14:23 - 00003675 _____ C:\WINDOWS\KB950762.log
2013-11-30 14:22 - 2013-11-30 14:22 - 00000966 _____ C:\WINDOWS\KB950759.log
2013-11-30 14:22 - 2013-11-30 14:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB946648$
2013-11-30 14:21 - 2013-11-30 14:22 - 00004062 _____ C:\WINDOWS\KB946648.log
2013-11-30 14:21 - 2013-11-30 14:21 - 00004227 _____ C:\WINDOWS\KB938464.log
2013-11-30 14:21 - 2013-11-30 14:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB938464$
2013-11-30 14:16 - 2013-11-30 14:16 - 00000259 _____ C:\WINDOWS\sessmgr.setup.log
2013-11-30 14:16 - 2013-11-30 14:16 - 00000200 _____ C:\WINDOWS\cmsetacl.log
2013-11-30 14:15 - 2013-11-30 14:15 - 00000589 _____ C:\WINDOWS\medctroc.Log
2013-11-30 14:10 - 2013-11-30 14:35 - 00098279 _____ C:\WINDOWS\svcpack.log
2013-11-30 14:03 - 2013-11-30 14:05 - 388739072 _____ C:\Documents and Settings\PC\Plocha\xpsp3_5512.080413-2113_cs_x86fre_spcd.iso
2013-11-30 08:39 - 2013-11-30 08:39 - 02237968 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\PC\Plocha\tdsskiller.exe
2013-11-29 15:48 - 2013-11-29 15:48 - 00048448 _____ C:\ComboFix.txt
2013-11-29 15:22 - 2011-06-26 07:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2013-11-29 15:22 - 2010-11-07 18:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2013-11-29 15:22 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2013-11-29 15:22 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2013-11-29 15:22 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2013-11-29 15:22 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2013-11-29 15:22 - 2000-08-31 01:00 - 00098816 _____ C:\WINDOWS\sed.exe
2013-11-29 15:22 - 2000-08-31 01:00 - 00080412 _____ C:\WINDOWS\grep.exe
2013-11-29 15:22 - 2000-08-31 01:00 - 00068096 _____ C:\WINDOWS\zip.exe
2013-11-29 15:21 - 2013-11-29 15:48 - 00000000 ____D C:\Qoobox
2013-11-29 15:21 - 2013-11-29 15:44 - 00000000 ____D C:\WINDOWS\erdnt
2013-11-29 15:19 - 2013-11-29 15:20 - 05150163 ____R (Swearware) C:\Documents and Settings\PC\Plocha\ComboFix.exe
2013-11-26 21:23 - 2013-11-26 21:23 - 00000000 ____D C:\Documents and Settings\PC\Local Settings\Data aplikací\Unity
2013-11-15 23:11 - 2013-11-15 23:47 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-14 09:22 - 2013-11-14 09:22 - 00000000 _____ C:\WINDOWS\system32\jupdate-1.7.0_45-b18.log
2013-11-14 09:09 - 2013-12-05 13:44 - 00006724 _____ C:\WINDOWS\KB2868626.log
2013-11-14 09:09 - 2013-12-05 13:43 - 00086228 _____ C:\WINDOWS\KB2888505-IE7.log
2013-11-14 09:09 - 2013-12-05 13:43 - 00006717 _____ C:\WINDOWS\KB2862152.log
2013-11-14 09:08 - 2013-12-05 13:43 - 00006740 _____ C:\WINDOWS\KB2876331.log

==================== One Month Modified Files and Folders =======

2013-12-05 16:29 - 2013-12-05 16:24 - 00009113 _____ C:\Documents and Settings\PC\Plocha\FRST.txt
2013-12-05 16:24 - 2007-08-08 12:40 - 00000000 ____D C:\Documents and Settings\PC\Plocha
2013-12-05 16:18 - 2013-12-05 16:18 - 00000000 ____D C:\FRST
2013-12-05 14:28 - 2013-12-05 12:30 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)
2013-12-05 14:28 - 2013-12-05 12:28 - 00000000 ____D C:\Documents and Settings\PC\Plocha\mbar
2013-12-05 13:44 - 2013-12-05 13:44 - 00003928 _____ C:\WINDOWS\KB2719985.log
2013-12-05 13:44 - 2013-11-14 09:09 - 00006724 _____ C:\WINDOWS\KB2868626.log
2013-12-05 13:44 - 2013-04-08 17:19 - 00015101 _____ C:\WINDOWS\KB2757638.log
2013-12-05 13:44 - 2007-08-08 12:58 - 01958130 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-05 13:43 - 2013-12-05 13:43 - 00000000 ____D C:\WINDOWS\LastGood
2013-12-05 13:43 - 2013-11-14 09:09 - 00086228 _____ C:\WINDOWS\KB2888505-IE7.log
2013-12-05 13:43 - 2013-11-14 09:09 - 00006717 _____ C:\WINDOWS\KB2862152.log
2013-12-05 13:43 - 2013-11-14 09:08 - 00006740 _____ C:\WINDOWS\KB2876331.log
2013-12-05 12:30 - 2013-12-05 12:30 - 00105176 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2013-12-05 12:30 - 2007-08-08 14:26 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-12-05 12:29 - 2013-12-05 12:29 - 00047064 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2013-12-05 12:28 - 2013-12-05 12:28 - 12576792 _____ (Malwarebytes Corp.) C:\Documents and Settings\PC\Plocha\mbar-1.07.0.1007.exe
2013-12-05 12:25 - 2013-12-05 12:25 - 01092683 _____ (Farbar) C:\Documents and Settings\PC\Plocha\FRST.exe
2013-12-05 09:09 - 2013-06-03 16:34 - 00088566 _____ C:\WINDOWS\system32\nvapps.xml
2013-12-05 09:09 - 2007-08-08 14:28 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-12-05 09:09 - 2007-08-08 14:28 - 00000049 _____ C:\WINDOWS\wiaservc.log
2013-12-05 09:09 - 2007-08-08 12:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-04 20:36 - 2007-08-08 12:40 - 00000178 ___SH C:\Documents and Settings\PC\ntuser.ini
2013-12-04 20:36 - 2007-08-08 12:38 - 00032418 _____ C:\WINDOWS\SchedLgU.Txt
2013-12-04 16:42 - 2013-09-30 14:57 - 00000000 ____D C:\Program Files\ChessBase
2013-12-04 16:42 - 2013-09-30 14:57 - 00000000 ____D C:\Documents and Settings\PC\Local Settings\Data aplikací\ChessBase
2013-12-04 16:42 - 2007-08-08 12:40 - 00000000 ___RD C:\Documents and Settings\PC\Nabídka Start\Programy
2013-12-04 16:42 - 2007-08-08 12:40 - 00000000 ___HD C:\Documents and Settings\PC\Local Settings\Data aplikací
2013-12-04 16:40 - 2013-12-03 18:10 - 00000000 ____D C:\Program Files\Opera
2013-12-04 16:40 - 2007-08-08 14:26 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-12-04 16:39 - 2013-12-03 18:11 - 00000000 ____D C:\Documents and Settings\PC\Data aplikací\Opera Software
2013-12-04 16:39 - 2007-08-08 14:26 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-12-03 18:41 - 2013-12-03 18:08 - 00004275 _____ C:\WINDOWS\ie8.log
2013-12-03 18:22 - 2013-04-08 21:28 - 00101906 _____ C:\WINDOWS\updspapi.log
2013-12-03 18:11 - 2013-12-03 18:11 - 00000000 ____D C:\Documents and Settings\PC\Local Settings\Data aplikací\Opera Software
2013-12-03 18:11 - 2007-08-08 12:40 - 00000000 __RHD C:\Documents and Settings\PC\Data aplikací
2013-12-03 18:08 - 2013-12-03 17:16 - 00025280 _____ C:\WINDOWS\ie8_main.log
2013-12-03 16:54 - 2013-08-29 09:16 - 00532099 _____ C:\WINDOWS\setupapi.log
2013-12-03 16:36 - 2013-05-28 20:41 - 00000000 ____D C:\WINDOWS\system32\Adobe
2013-12-03 12:07 - 2013-04-22 16:23 - 00084823 _____ C:\WINDOWS\wmsetup.log
2013-12-02 17:49 - 2013-12-02 17:49 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-02 17:49 - 2013-12-02 17:49 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-12-02 17:48 - 2013-12-02 17:48 - 17822088 _____ (Adobe Systems Incorporated) C:\Documents and Settings\PC\Plocha\install_flash_player.exe
2013-12-02 16:10 - 2013-12-02 16:09 - 00830344 _____ (Adobe Systems Incorporated) C:\Documents and Settings\PC\Plocha\uninstall_flash_player.exe
2013-12-01 19:42 - 2013-12-01 19:42 - 00000000 ____D C:\_OTM
2013-12-01 19:27 - 2013-12-01 19:27 - 00522240 _____ (OldTimer Tools) C:\Documents and Settings\PC\Plocha\OTM.exe
2013-12-01 11:49 - 2013-12-01 11:48 - 00781383 _____ C:\Documents and Settings\PC\Plocha\RSIT.exe
2013-12-01 11:49 - 2013-10-11 12:10 - 00000000 ____D C:\Program Files\trend micro
2013-11-30 18:07 - 2003-04-16 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-30 14:38 - 2013-11-30 14:38 - 00000236 _____ C:\WINDOWS\DtcInstall.log
2013-11-30 14:38 - 2013-05-07 10:30 - 00082849 _____ C:\WINDOWS\spupdsvc.log
2013-11-30 14:38 - 2007-08-08 12:59 - 00000788 _____ C:\Documents and Settings\LocalService\Nabídka Start\Programy\Windows Media Player.lnk
2013-11-30 14:38 - 2007-08-08 12:58 - 00000000 ____D C:\Documents and Settings\LocalService\Nabídka Start\Programy
2013-11-30 14:37 - 2013-11-30 14:37 - 00000187 _____ C:\WINDOWS\spupdsvc.log.1.log
2013-11-30 14:37 - 2007-08-08 12:58 - 00000251 _____ C:\WINDOWS\system32\spupdwxp.log
2013-11-30 14:36 - 2007-08-08 14:21 - 00000000 ____D C:\WINDOWS\security
2013-11-30 14:35 - 2013-11-30 14:10 - 00098279 _____ C:\WINDOWS\svcpack.log
2013-11-30 14:33 - 2013-04-08 21:27 - 00148912 _____ C:\WINDOWS\comsetup.log
2013-11-30 14:33 - 2013-04-08 21:27 - 00069717 _____ C:\WINDOWS\iis6.log
2013-11-30 14:32 - 2013-11-30 14:32 - 00004951 _____ C:\WINDOWS\KB957095.log
2013-11-30 14:32 - 2013-11-30 14:32 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB957095$
2013-11-30 14:32 - 2013-11-30 14:31 - 00004956 _____ C:\WINDOWS\KB956841.log
2013-11-30 14:32 - 2013-04-08 21:27 - 00444075 _____ C:\WINDOWS\FaxSetup.log
2013-11-30 14:32 - 2013-04-08 21:27 - 00227354 _____ C:\WINDOWS\ocgen.log
2013-11-30 14:32 - 2013-04-08 21:27 - 00175170 _____ C:\WINDOWS\tsoc.log
2013-11-30 14:32 - 2013-04-08 21:27 - 00091984 _____ C:\WINDOWS\ntdtcsetup.log
2013-11-30 14:32 - 2013-04-08 21:27 - 00028336 _____ C:\WINDOWS\ocmsn.log
2013-11-30 14:32 - 2013-04-08 21:27 - 00022883 _____ C:\WINDOWS\msgsocm.log
2013-11-30 14:32 - 2013-04-08 21:27 - 00001393 _____ C:\WINDOWS\imsins.log
2013-11-30 14:32 - 2013-04-08 21:27 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-11-30 14:31 - 2013-11-30 14:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB956841$
2013-11-30 14:31 - 2013-11-30 14:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB956803$
2013-11-30 14:31 - 2013-11-30 14:30 - 00004952 _____ C:\WINDOWS\KB956803.log
2013-11-30 14:30 - 2013-11-30 14:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB954211$
2013-11-30 14:30 - 2013-11-30 14:29 - 00004952 _____ C:\WINDOWS\KB954211.log
2013-11-30 14:29 - 2013-11-30 14:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB952954$
2013-11-30 14:29 - 2013-11-30 14:28 - 00004951 _____ C:\WINDOWS\KB952954.log
2013-11-30 14:28 - 2013-11-30 14:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB952287$
2013-11-30 14:28 - 2013-11-30 14:27 - 00004952 _____ C:\WINDOWS\KB952287.log
2013-11-30 14:27 - 2013-11-30 14:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951748$
2013-11-30 14:27 - 2013-11-30 14:26 - 00005246 _____ C:\WINDOWS\KB951748.log
2013-11-30 14:26 - 2013-11-30 14:26 - 00003678 _____ C:\WINDOWS\KB951698.log
2013-11-30 14:26 - 2013-11-30 14:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951698$
2013-11-30 14:25 - 2013-11-30 14:25 - 00003700 _____ C:\WINDOWS\KB951376-v2.log
2013-11-30 14:25 - 2013-11-30 14:25 - 00001070 _____ C:\WINDOWS\KB951072-v2.log
2013-11-30 14:25 - 2013-11-30 14:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951376-v2$
2013-11-30 14:25 - 2013-11-30 14:24 - 00003676 _____ C:\WINDOWS\KB951066.log
2013-11-30 14:24 - 2013-11-30 14:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951066$
2013-11-30 14:24 - 2013-11-30 14:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB950974$
2013-11-30 14:24 - 2013-11-30 14:23 - 00003675 _____ C:\WINDOWS\KB950974.log
2013-11-30 14:23 - 2013-11-30 14:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB950762$
2013-11-30 14:23 - 2013-11-30 14:22 - 00003675 _____ C:\WINDOWS\KB950762.log
2013-11-30 14:22 - 2013-11-30 14:22 - 00000966 _____ C:\WINDOWS\KB950759.log
2013-11-30 14:22 - 2013-11-30 14:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB946648$
2013-11-30 14:22 - 2013-11-30 14:21 - 00004062 _____ C:\WINDOWS\KB946648.log
2013-11-30 14:22 - 2007-08-08 12:31 - 00000000 ____D C:\Program Files\Messenger
2013-11-30 14:21 - 2013-11-30 14:21 - 00004227 _____ C:\WINDOWS\KB938464.log
2013-11-30 14:21 - 2013-11-30 14:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB938464$
2013-11-30 14:16 - 2013-11-30 14:16 - 00000259 _____ C:\WINDOWS\sessmgr.setup.log
2013-11-30 14:16 - 2013-11-30 14:16 - 00000200 _____ C:\WINDOWS\cmsetacl.log
2013-11-30 14:16 - 2007-08-08 14:26 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start
2013-11-30 14:16 - 2007-08-08 14:21 - 00000000 ____D C:\WINDOWS\Help
2013-11-30 14:16 - 2007-08-08 12:38 - 00000000 __SHD C:\Documents and Settings\NetworkService
2013-11-30 14:16 - 2007-08-08 12:34 - 00001563 _____ C:\Documents and Settings\All Users\Nabídka Start\Přístup a výchozí nastavení programů.lnk
2013-11-30 14:16 - 2007-08-08 12:29 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy\Příslušenství
2013-11-30 14:15 - 2013-11-30 14:15 - 00000589 _____ C:\WINDOWS\medctroc.Log
2013-11-30 14:15 - 2007-08-08 12:49 - 00000000 ____D C:\WINDOWS\system32\ReinstallBackups
2013-11-30 14:05 - 2013-11-30 14:03 - 388739072 _____ C:\Documents and Settings\PC\Plocha\xpsp3_5512.080413-2113_cs_x86fre_spcd.iso
2013-11-30 08:39 - 2013-11-30 08:39 - 02237968 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\PC\Plocha\tdsskiller.exe
2013-11-29 15:59 - 2013-05-05 17:26 - 00000000 ____D C:\Documents and Settings\PC\Dokumenty\Ostatní
2013-11-29 15:48 - 2013-11-29 15:48 - 00048448 _____ C:\ComboFix.txt
2013-11-29 15:48 - 2013-11-29 15:21 - 00000000 ____D C:\Qoobox
2013-11-29 15:44 - 2013-11-29 15:21 - 00000000 ____D C:\WINDOWS\erdnt
2013-11-29 15:42 - 2003-04-16 13:00 - 00000227 _____ C:\WINDOWS\system.ini
2013-11-29 15:41 - 2007-08-08 12:39 - 00000000 ____D C:\Documents and Settings\PC
2013-11-29 15:20 - 2013-11-29 15:19 - 05150163 ____R (Swearware) C:\Documents and Settings\PC\Plocha\ComboFix.exe
2013-11-29 15:13 - 2007-08-08 13:32 - 00000000 ___RD C:\Documents and Settings\PC\Dokumenty\Filmy
2013-11-29 15:13 - 2007-08-08 12:40 - 00000000 ___RD C:\Documents and Settings\PC\Dokumenty
2013-11-29 15:02 - 2007-11-20 13:54 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Nero
2013-11-29 15:01 - 2007-11-20 13:58 - 00000188 _____ C:\WINDOWS\system32\MsiExec.exe.log
2013-11-29 14:57 - 2007-08-08 14:26 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2013-11-29 13:22 - 2013-04-10 12:27 - 00000069 _____ C:\WINDOWS\NeroDigital.ini
2013-11-28 20:01 - 2013-04-10 12:27 - 00020480 _____ C:\Documents and Settings\PC\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-28 18:08 - 2007-08-08 12:40 - 00000000 ___RD C:\Documents and Settings\PC\Dokumenty\Obrázky
2013-11-26 21:23 - 2013-11-26 21:23 - 00000000 ____D C:\Documents and Settings\PC\Local Settings\Data aplikací\Unity
2013-11-25 15:27 - 2007-08-08 12:40 - 00000000 ___RD C:\Documents and Settings\PC\Dokumenty\Hudba
2013-11-23 17:59 - 2007-08-24 10:38 - 00000000 ____D C:\Documents and Settings\PC\Local Settings\Data aplikací\Adobe
2013-11-15 23:47 - 2013-11-15 23:11 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-15 23:46 - 2013-04-09 21:22 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-15 16:06 - 2007-08-08 12:59 - 00075088 _____ C:\Documents and Settings\PC\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2013-11-15 09:09 - 2013-04-10 09:43 - 00001813 _____ C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2013-11-14 09:23 - 2013-07-31 08:57 - 00000000 ____D C:\Program Files\Java
2013-11-14 09:22 - 2013-11-14 09:22 - 00000000 _____ C:\WINDOWS\system32\jupdate-1.7.0_45-b18.log

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2003-04-16 13:00] - [2008-04-14 04:22] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2003-04-16 13:00] - [2008-04-14 04:22] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2003-04-16 13:00] - [2008-04-14 04:22] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2003-04-16 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2003-04-16 13:00] - [2008-04-14 04:22] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2003-04-16 13:00] - [2008-04-14 04:22] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2003-04-16 13:00] - [2008-04-14 03:12] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1

==================== End Of Log ============================

#40 Příspěvek od **cernohous13** » 05 pro 2013 18:01

Spusť Notepad a zkopíruj tam celý zelený text

Kód: Vybrat vše

Start

HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\RunOnce: [ (A0)] - cmd /c "C:\Documents and Settings\PC\Plocha\mbar\mbar.exe" /rdv /s [1170744 2013-10-08] (Malwarebytes Corporation)
HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe"
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8466944 2012-06-08] (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
S3 catchme; \??\C:\DOCUME~1\PC\LOCALS~1\Temp\catchme.sys [x]
S4 IntelIde; No ImagePath
U3 TlntSvr; 

CMD: shutdown /r /f /t 2

End

Ulož na plochu jako fixlist.txt

Spusť FRST -> Fix

po restartu dej fixlog.txt

Chess · #41 Příspěvek od **Chess** » 05 pro 2013 20:44

Díky a posílám...

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 05-12-2013
Ran by PC at 2013-12-05 20:41:36 Run:1
Running from C:\Documents and Settings\PC\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start

HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\RunOnce: [ (A0)] - cmd /c "C:\Documents and Settings\PC\Plocha\mbar\mbar.exe" /rdv /s [1170744 2013-10-08] (Malwarebytes Corporation)
HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe"
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8466944 2012-06-08] (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
S3 catchme; \??\C:\DOCUME~1\PC\LOCALS~1\Temp\catchme.sys [x]
S4 IntelIde; No ImagePath
U3 TlntSvr;

CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ (A0) => Value deleted successfully.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\NeroHomeFirstStart => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} => Value deleted successfully.
HKCR\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972} => Key deleted successfully.
C:\Program Files\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll => Moved successfully.
C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll => Moved successfully.
C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll => Moved successfully.
C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll not found.
C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll not found.
catchme => Service deleted successfully.
IntelIde => Service deleted successfully.
TlntSvr => Service deleted successfully.

========= shutdown /r /f /t 2 =========

========= End of CMD: =========

==== End of Fixlog ====

#42 Příspěvek od **cernohous13** » 06 pro 2013 09:39

Jak jsme na tom

Co tě ještě trápí? (neptám se na banku

)

Chess · #43 Příspěvek od **Chess** » 06 pro 2013 11:20

Jsme na tom špatně

Je to jen o malinko lepší, ale pořád blbé...

Co mě ještě trápí? To už by bylo téma do jiného fóra

#44 Příspěvek od **JaRon** » 06 pro 2013 13:35

vloz este log z RK http://forum.viry.cz/viewtopic.php?f=24&t=120452

Chess · #45 Příspěvek od **Chess** » 06 pro 2013 14:36

RogueKiller V8.7.11 [Dec 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : PC [Práva správce]
Mód : Kontrola -- Datum : 12/06/2013 14:34:06
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Inline] EAT @explorer.exe (?MILLIS_PER_SECOND@GCDate@@2JB) : GrooveUtil.DLL -> HOOKED (Unknown @ 0xC8F70CD4)
[Inline] EAT @firefox.exe (?MILLIS_PER_SECOND@GCDate@@2JB) : GrooveUtil.DLL -> HOOKED (Unknown @ 0xC8F70CD4)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD1600BB-55RDA0 +++++
--- User ---
[MBR] 1a958e69ac4e6ef2037a1dfe363cccc8
[BSP] 6ffaf715153b82f515a7f5cf405459a7 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76528 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 156730140 | Size: 76096 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_12062013_143406.txt >>

Posílám a díky

VIRY.CZ

Preventivka (poslední dobou je PC "jiný")

Re: Preventivka (poslední dobou je PC "jiný")

Re: Preventivka (poslední dobou je PC "jiný")

Re: Preventivka (poslední dobou je PC "jiný")

Re: Preventivka (poslední dobou je PC "jiný")

Re: Preventivka (poslední dobou je PC "jiný")

Re: Preventivka (poslední dobou je PC "jiný")

Re: Preventivka (poslední dobou je PC "jiný")

Re: Preventivka (poslední dobou je PC "jiný")

Re: Preventivka (poslední dobou je PC "jiný")

Re: Preventivka (poslední dobou je PC "jiný")

Re: Preventivka (poslední dobou je PC "jiný")

Re: Preventivka (poslední dobou je PC "jiný")

Re: Preventivka (poslední dobou je PC "jiný")

Re: Preventivka (poslední dobou je PC "jiný")

Re: Preventivka (poslední dobou je PC "jiný")