Dobrý den, prosím o kontrolu logu kamarádova ntb. Projevují se občasné tzv. "modré smrti" (pár problémů s repository se mi podařilo již odstranit, ale bude toho asi více). Zkoušel jsem nahodit NIS 2014 ke kontrole, ale ten bohužel nedoběhne a spadne:(
Děkuji
Níže log z FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:16-08-2014 03
Ran by Zita (administrator) on ZITA-PC on 17-08-2014 03:31:39
Running from D:\Install software\Kontrola havěti
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(HP) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Fujitsu Siemens Computers) C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
() C:\Program Files\Hotkey Utility\tray.exe
(FIC) C:\Program Files\Launch Pad\LaunchPad.exe
() C:\Program Files\Power Manager\PM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
() C:\Program Files\4G Hostless Modem\4G Hostless Modem\CheckNDISPort_df.exe
() C:\Program Files\4G Hostless Modem\4G Hostless Modem\CancelAutoPlay_df.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Nokia) C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
(Nokia.) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
() C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Ghisler Software GmbH) C:\Totalcommander\TOTALCMD.EXE
() C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashUtil11e_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(forum.viry.cz) C:\Users\Zita\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\PING.EXE
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\.DEFAULT\...\Run: [fsc-reg] => c:\fsc-reg\fscreg.exe
HKU\.DEFAULT\...\Run: [Nokia.PCSync] => C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-20] (Google Inc.)
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\Run: [NokiaPCInternetAccess] => C:\Program Files\Nokia\PC Internet Access\NPCIA.exe [651264 2009-05-26] (Nokia)
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {0ce39054-9199-11df-99f8-b3849a73d6d8} - F:\Launcher.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {30e54ac5-7015-11e0-a23a-a83e25eb0a10} - F:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {4f58dd01-106e-11de-91ce-0016ead06574} - F:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {4f58dd20-106e-11de-91ce-0016ead06574} - G:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {81b94334-ed88-11e0-b392-b24126c0b873} - F:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {89e2d272-95ea-11e3-8c71-ec5a9d5979bc} - F:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {d0a77535-ef32-11de-a91a-a6709fc8b795} - G:\setupSNK.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {e62236ee-6030-11de-9804-a8f7a8386e2c} - F:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {e6223701-6030-11de-9804-a8f7a8386e2c} - G:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {f3adc311-73fa-11e0-bc04-b93b3a3865d2} - G:\NokiaPCIA_Autorun.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk * OODBS
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://xooxle.net/?lr=EEEE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://xooxle.net/?lr=EEEE
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.co ... .5.3.0.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.150.150 188.75.128.188
FireFox:
========
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=12.0.1.647 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=12.0.1.647 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=12.0.1.660 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.660 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.660 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-24]
FF HKLM\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Users\Zita\Desktop\Nokia PC Suite 7\bkmrksync
FF Extension: PC Sync 2 Synchronisation Extension - C:\Users\Zita\Desktop\Nokia PC Suite 7\bkmrksync [2010-07-17]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-07-12]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2014-08-17]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2014-08-17]
Chrome:
=======
CHR HomePage: hxxp://xooxle.net/?lr=EEEE
CHR DefaultSearchKeyword: seznam.cz
CHR DefaultNewTabURL:
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\36.0.1985.143\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Zita\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-12-08]
CHR Extension: (Peněženka Google) - C:\Users\Zita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-07-12]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx [2014-08-17]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [247352 2010-05-11] (HP)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [2489680 2011-11-17] (O&O Software GmbH)
R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [621056 2009-03-04] (Nokia.) [File not signed]
R2 TestHandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104 2008-04-25] (Fujitsu Siemens Computers) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [173576 2008-05-27] (AMD Technologies Inc.)
R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140801.001\BHDrvx86.sys [1101616 2014-08-01] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1501000.012\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [377648 2014-08-16] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [109872 2014-08-16] (Symantec Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 HP1210FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [13824 2010-04-28] ()
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [24448 2007-08-09] (Huawei Tech. Co., Ltd.)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140815.001\IDSvix86.sys [395992 2014-08-15] (Symantec Corporation)
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [76688 2008-04-03] (JMicron Technology Corp.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-17] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140816.002\NAVENG.SYS [93272 2014-08-16] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140816.002\NAVEX15.SYS [1612376 2014-08-16] (Symantec Corporation)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 SRTSP; C:\Windows\system32\drivers\NIS\1501000.012\SRTSP.SYS [651352 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1501000.012\SRTSPX.SYS [32344 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1501000.012\SYMDS.SYS [367704 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1501000.012\SYMEFA.SYS [935512 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2014-08-17] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1501000.012\Ironx86.SYS [206936 2013-09-27] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\system32\drivers\NIS\1501000.012\SYMTDIV.SYS [383576 2013-09-26] (Symantec Corporation)
R1 WINIO; C:\Windows\system32\WinIo.sys [9336 2007-01-04] (http://www.internals.com) [File not signed]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [113280 2009-10-20] (Huawei Technologies Co., Ltd.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-17 03:30 - 2014-08-17 03:31 - 00000000 ____D () C:\FRST
2014-08-17 03:28 - 2014-08-17 03:28 - 00029696 _____ () C:\Users\Zita\AppData\Local\MSGBOX.EXE
2014-08-17 03:28 - 2014-08-17 03:28 - 00015327 _____ () C:\Users\Zita\Desktop\LM.bat
2014-08-17 03:27 - 2014-08-17 03:27 - 00112640 _____ (forum.viry.cz) C:\Users\Zita\Desktop\FRSTLauncher.exe
2014-08-17 03:27 - 2014-08-17 03:26 - 00000000 _____ () C:\Users\Zita\Desktop\FRST.exe
2014-08-17 02:06 - 2014-08-17 02:16 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-17 02:06 - 2014-08-17 02:06 - 00000905 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-17 02:06 - 2014-08-17 02:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-17 02:06 - 2014-08-17 02:06 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-17 02:06 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-17 02:06 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-17 02:06 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-17 01:41 - 2014-08-17 01:41 - 00000000 ____D () C:\Windows\system32\oodag
2014-08-17 01:38 - 2014-08-17 01:38 - 00001914 _____ () C:\Users\Public\Desktop\O&O Defrag.lnk
2014-08-17 01:38 - 2014-08-17 01:38 - 00000000 ____D () C:\Users\Zita\AppData\Local\O&O
2014-08-17 01:38 - 2014-08-17 01:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2014-08-17 01:37 - 2014-08-17 01:37 - 00000000 ____D () C:\Users\Zita\AppData\Local\Downloaded Installations
2014-08-17 01:09 - 2014-08-17 01:09 - 00000000 ____D () C:\Users\Zita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-17 01:09 - 2014-08-17 01:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-17 01:02 - 2014-08-17 03:24 - 00000000 ____D () C:\Users\Zita\AppData\Local\CrashDumps
2014-08-17 00:16 - 2014-08-17 00:16 - 00142936 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2014-08-17 00:16 - 2014-08-17 00:16 - 00008194 _____ () C:\Windows\system32\Drivers\SYMEVENT.CAT
2014-08-17 00:16 - 2014-08-17 00:16 - 00002219 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-08-17 00:14 - 2014-08-17 00:25 - 00000000 ____D () C:\Windows\system32\Drivers\NIS
2014-08-17 00:13 - 2014-08-17 00:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-08-17 00:13 - 2014-08-17 00:14 - 00000000 ____D () C:\Program Files\Norton Internet Security
2014-08-17 00:03 - 2014-08-17 00:03 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-17 00:02 - 2014-08-17 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-17 00:02 - 2014-08-17 00:01 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-17 00:02 - 2014-08-17 00:01 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-17 00:02 - 2014-08-17 00:01 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-17 00:02 - 2014-08-17 00:01 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-08-16 23:44 - 2014-08-16 23:44 - 00000000 ____D () C:\Users\Zita\AppData\Local\GHISLER
2014-08-16 23:39 - 2014-08-16 23:40 - 00000000 ____D () C:\Totalcommander
2014-08-16 23:39 - 2014-08-16 23:39 - 00000632 _____ () C:\Users\Public\Desktop\Total Commander.lnk
2014-08-16 23:39 - 2014-08-16 23:39 - 00000000 ____D () C:\Users\Zita\AppData\Roaming\GHISLER
2014-08-16 23:39 - 2014-08-16 23:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2014-08-16 23:39 - 2012-08-03 08:01 - 00000545 _____ () C:\Windows\UC.PIF
2014-08-16 23:39 - 2012-08-03 08:01 - 00000545 _____ () C:\Windows\RAR.PIF
2014-08-16 23:39 - 2012-08-03 08:01 - 00000545 _____ () C:\Windows\PKZIP.PIF
2014-08-16 23:39 - 2012-08-03 08:01 - 00000545 _____ () C:\Windows\PKUNZIP.PIF
2014-08-16 23:39 - 2012-08-03 08:01 - 00000545 _____ () C:\Windows\LHA.PIF
2014-08-16 23:39 - 2012-08-03 08:01 - 00000545 _____ () C:\Windows\ARJ.PIF
2014-08-16 23:22 - 2014-08-16 23:22 - 00000973 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-08-15 19:57 - 2014-08-15 19:57 - 00145872 _____ () C:\Windows\Minidump\Mini081514-01.dmp
2014-08-15 03:11 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 03:11 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 03:11 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 03:11 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 22:19 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 22:19 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 22:19 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 22:19 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 22:19 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-14 22:19 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 22:19 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 22:19 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 22:19 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 22:19 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-14 22:19 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-14 22:19 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-14 22:19 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 22:18 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 22:18 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 22:18 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-14 22:18 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 22:18 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 22:18 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 22:18 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 22:18 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 22:08 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 22:08 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 22:08 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 22:08 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-14 22:08 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 22:00 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 22:00 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 22:00 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-14 21:55 - 2014-07-25 06:26 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 21:55 - 2014-07-25 04:53 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-08 11:03 - 2014-08-08 11:03 - 00145888 _____ () C:\Windows\Minidump\Mini080814-01.dmp
2014-08-02 10:10 - 2014-08-02 10:10 - 00145872 _____ () C:\Windows\Minidump\Mini080214-01.dmp
2014-08-01 16:26 - 2014-08-01 16:26 - 00001670 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-01 16:26 - 2014-08-01 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-01 16:25 - 2014-08-01 16:26 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-01 16:25 - 2014-08-01 16:26 - 00000000 ____D () C:\Program Files\iTunes
2014-08-01 16:25 - 2014-08-01 16:25 - 00000000 ____D () C:\Program Files\iPod
2014-08-01 15:37 - 2014-08-01 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-31 09:17 - 2014-07-31 09:17 - 00042496 _____ () C:\Users\Zita\Desktop\E059 - Zajac.xls
2014-07-27 21:55 - 2014-07-27 23:04 - 00000000 ____D () C:\Users\Zita\Desktop\byt
2014-07-21 19:02 - 2014-07-21 19:02 - 01466347 _____ () C:\Users\Zita\Desktop\prilohy_30463.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-17 03:31 - 2014-08-17 03:30 - 00000000 ____D () C:\FRST
2014-08-17 03:30 - 2010-01-31 11:40 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-17 03:28 - 2014-08-17 03:28 - 00029696 _____ () C:\Users\Zita\AppData\Local\MSGBOX.EXE
2014-08-17 03:28 - 2014-08-17 03:28 - 00015327 _____ () C:\Users\Zita\Desktop\LM.bat
2014-08-17 03:27 - 2014-08-17 03:27 - 00112640 _____ (forum.viry.cz) C:\Users\Zita\Desktop\FRSTLauncher.exe
2014-08-17 03:26 - 2014-08-17 03:27 - 00000000 _____ () C:\Users\Zita\Desktop\FRST.exe
2014-08-17 03:24 - 2014-08-17 01:02 - 00000000 ____D () C:\Users\Zita\AppData\Local\CrashDumps
2014-08-17 03:17 - 2010-07-17 13:54 - 00000000 ____D () C:\Program Files\PC Connectivity Solution
2014-08-17 03:10 - 2009-03-13 07:50 - 01530704 _____ () C:\Windows\WindowsUpdate.log
2014-08-17 03:07 - 2010-01-31 11:40 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-17 03:06 - 2006-11-02 14:47 - 00371984 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-17 03:05 - 2009-03-19 19:46 - 00440731 _____ () C:\Windows\system32\OODBS.lor
2014-08-17 03:05 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-17 03:05 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-17 03:05 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-17 03:02 - 2006-11-02 15:01 - 00032564 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-17 02:30 - 2009-03-19 13:26 - 00000000 ____D () C:\Windows\Minidump
2014-08-17 02:30 - 2009-03-19 13:25 - 345336585 _____ () C:\Windows\MEMORY.DMP
2014-08-17 02:16 - 2014-08-17 02:06 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-17 02:06 - 2014-08-17 02:06 - 00000905 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-17 02:06 - 2014-08-17 02:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-17 02:06 - 2014-08-17 02:06 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-17 02:06 - 2011-08-25 23:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-17 01:41 - 2014-08-17 01:41 - 00000000 ____D () C:\Windows\system32\oodag
2014-08-17 01:38 - 2014-08-17 01:38 - 00001914 _____ () C:\Users\Public\Desktop\O&O Defrag.lnk
2014-08-17 01:38 - 2014-08-17 01:38 - 00000000 ____D () C:\Users\Zita\AppData\Local\O&O
2014-08-17 01:38 - 2014-08-17 01:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2014-08-17 01:38 - 2009-03-19 19:38 - 00000000 ____D () C:\Program Files\OO Software
2014-08-17 01:37 - 2014-08-17 01:37 - 00000000 ____D () C:\Users\Zita\AppData\Local\Downloaded Installations
2014-08-17 01:28 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Help
2014-08-17 01:21 - 2011-04-25 22:59 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-08-17 01:19 - 2011-03-05 23:55 - 00000000 ____D () C:\ProgramData\Norton
2014-08-17 01:13 - 2009-03-19 13:22 - 00000000 ____D () C:\Program Files\WinRAR
2014-08-17 01:13 - 2008-01-21 04:47 - 00542398 _____ () C:\Windows\PFRO.log
2014-08-17 01:09 - 2014-08-17 01:09 - 00000000 ____D () C:\Users\Zita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-17 01:09 - 2014-08-17 01:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-17 01:04 - 2009-03-19 13:22 - 00000000 ____D () C:\Users\Zita\AppData\Roaming\WinRAR
2014-08-17 00:25 - 2014-08-17 00:14 - 00000000 ____D () C:\Windows\system32\Drivers\NIS
2014-08-17 00:16 - 2014-08-17 00:16 - 00142936 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2014-08-17 00:16 - 2014-08-17 00:16 - 00008194 _____ () C:\Windows\system32\Drivers\SYMEVENT.CAT
2014-08-17 00:16 - 2014-08-17 00:16 - 00002219 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-08-17 00:16 - 2014-08-17 00:13 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-08-17 00:14 - 2014-08-17 00:13 - 00000000 ____D () C:\Program Files\Norton Internet Security
2014-08-17 00:10 - 2009-03-15 20:21 - 00246784 _____ () C:\Users\Zita\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-17 00:10 - 2009-03-13 00:15 - 00100040 _____ () C:\Users\Zita\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-17 00:07 - 2012-11-11 12:54 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-17 00:03 - 2014-08-17 00:03 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-17 00:03 - 2009-05-15 00:14 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-17 00:02 - 2014-08-17 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-17 00:01 - 2014-08-17 00:02 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-17 00:01 - 2014-08-17 00:02 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-17 00:01 - 2014-08-17 00:02 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-17 00:01 - 2014-08-17 00:02 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-08-17 00:01 - 2009-05-15 00:14 - 00000000 ____D () C:\Program Files\Java
2014-08-16 23:44 - 2014-08-16 23:44 - 00000000 ____D () C:\Users\Zita\AppData\Local\GHISLER
2014-08-16 23:40 - 2014-08-16 23:39 - 00000000 ____D () C:\Totalcommander
2014-08-16 23:39 - 2014-08-16 23:39 - 00000632 _____ () C:\Users\Public\Desktop\Total Commander.lnk
2014-08-16 23:39 - 2014-08-16 23:39 - 00000000 ____D () C:\Users\Zita\AppData\Roaming\GHISLER
2014-08-16 23:39 - 2014-08-16 23:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2014-08-16 23:32 - 2008-04-14 16:18 - 01532794 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-16 23:32 - 2006-11-02 14:52 - 00320212 _____ () C:\Windows\setupact.log
2014-08-16 23:22 - 2014-08-16 23:22 - 00000973 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-08-16 23:22 - 2011-08-25 23:31 - 00000000 ____D () C:\Program Files\TeamViewer
2014-08-16 23:21 - 2011-08-25 23:33 - 00000000 ____D () C:\Users\Zita\AppData\Roaming\TeamViewer
2014-08-15 19:57 - 2014-08-15 19:57 - 00145872 _____ () C:\Windows\Minidump\Mini081514-01.dmp
2014-08-15 03:59 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2014-08-15 03:53 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-15 03:21 - 2009-03-25 10:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-15 03:19 - 2013-07-14 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-15 03:14 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-08-14 01:38 - 2012-06-19 20:25 - 00001977 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-08 11:03 - 2014-08-08 11:03 - 00145888 _____ () C:\Windows\Minidump\Mini080814-01.dmp
2014-08-02 10:10 - 2014-08-02 10:10 - 00145872 _____ () C:\Windows\Minidump\Mini080214-01.dmp
2014-08-01 16:26 - 2014-08-01 16:26 - 00001670 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-01 16:26 - 2014-08-01 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-01 16:26 - 2014-08-01 16:25 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-01 16:26 - 2014-08-01 16:25 - 00000000 ____D () C:\Program Files\iTunes
2014-08-01 16:25 - 2014-08-01 16:25 - 00000000 ____D () C:\Program Files\iPod
2014-08-01 16:25 - 2012-11-11 12:31 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-08-01 15:37 - 2014-08-01 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-08-01 15:37 - 2009-03-18 15:08 - 00000000 ____D () C:\Program Files\QuickTime
2014-08-01 12:24 - 2011-11-14 21:02 - 00000000 ____D () C:\Users\Zita\AppData\Roaming\vlc
2014-07-31 09:17 - 2014-07-31 09:17 - 00042496 _____ () C:\Users\Zita\Desktop\E059 - Zajac.xls
2014-07-30 20:38 - 2009-08-20 18:32 - 00000000 ____D () C:\Users\Zita\AppData\Roaming\Skype
2014-07-27 23:04 - 2014-07-27 21:55 - 00000000 ____D () C:\Users\Zita\Desktop\byt
2014-07-25 10:17 - 2011-06-20 20:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 06:26 - 2014-08-14 21:55 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-07-25 04:53 - 2014-08-14 21:55 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-24 20:07 - 2014-08-14 22:19 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-24 19:58 - 2014-08-14 22:19 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-24 19:57 - 2014-08-14 22:18 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-24 19:52 - 2014-08-14 22:19 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-24 19:51 - 2014-08-14 22:19 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-24 19:51 - 2014-08-14 22:18 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-24 19:50 - 2014-08-14 22:18 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-24 19:50 - 2014-08-14 22:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-24 19:49 - 2014-08-14 22:19 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-24 19:49 - 2014-08-14 22:19 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-24 19:49 - 2014-08-14 22:18 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-24 19:49 - 2014-08-14 22:18 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-24 19:49 - 2014-08-14 22:18 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-24 19:48 - 2014-08-14 22:19 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-24 19:48 - 2014-08-14 22:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-24 19:48 - 2014-08-14 22:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-24 19:48 - 2014-08-14 22:19 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-24 19:48 - 2014-08-14 22:19 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-24 19:48 - 2014-08-14 22:19 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-24 19:48 - 2014-08-14 22:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-24 19:47 - 2014-08-14 22:19 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-24 03:02 - 2011-06-20 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-21 19:02 - 2014-07-21 19:02 - 01466347 _____ () C:\Users\Zita\Desktop\prilohy_30463.zip
Files to move or delete:
====================
C:\ProgramData\ezsid.dat
Some content of TEMP:
====================
C:\Users\Zita\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-17 03:11
==================== End Of Log ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu (pády Win Vista SP2 na ntb)
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Prosím o kontrolu logu (pády Win Vista SP2 na ntb)
- Přílohy
-
- Addition.rar
- (8.74 KiB) Staženo 48 x
-
Rudy
- Site Admin
- Příspěvky: 119544
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu (pády Win Vista SP2 na ntb)
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Dále otevřte adresář c:\windows\minidump, jaho obsah zabalte do raru a přiložte k vašemu příštímu postu.
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do D:\Install software\Kontrola havěti jako fixlist.txt. Pak znovu spusťte FRST a klikněte na >Fix<. Zkopírujte sem pak log, který se na závěr vytvoří.Start
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-20] (Google Inc.)
c:\Program Files\Google\GoogleToolbarNotifier
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {0ce39054-9199-11df-99f8-b3849a73d6d8} - F:\Launcher.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {30e54ac5-7015-11e0-a23a-a83e25eb0a10} - F:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {4f58dd01-106e-11de-91ce-0016ead06574} - F:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {4f58dd20-106e-11de-91ce-0016ead06574} - G:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {81b94334-ed88-11e0-b392-b24126c0b873} - F:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {89e2d272-95ea-11e3-8c71-ec5a9d5979bc} - F:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {d0a77535-ef32-11de-a91a-a6709fc8b795} - G:\setupSNK.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {e62236ee-6030-11de-9804-a8f7a8386e2c} - F:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {e6223701-6030-11de-9804-a8f7a8386e2c} - G:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {f3adc311-73fa-11e0-bc04-b93b3a3865d2} - G:\NokiaPCIA_Autorun.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://xooxle.net/?lr=EEEE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://xooxle.net/?lr=EEEE
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
C:\Program Files\Google\Google Toolbar
BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
C:\Program Files\Skype\Toolbars
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
CHR HomePage: hxxp://xooxle.net/?lr=EEEE
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-07-12]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\ezsid.dat
C:\Users\Zita\AppData\Local\Temp
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
End
Dále otevřte adresář c:\windows\minidump, jaho obsah zabalte do raru a přiložte k vašemu příštímu postu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu (pády Win Vista SP2 na ntb)
Níže nový log po fixnutí pomocí FRST a v příloze minidump:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:16-08-2014 03
Ran by Zita at 2014-08-17 13:19:06 Run:2
Running from D:\Install software\Kontrola havěti
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-20] (Google Inc.)
c:\Program Files\Google\GoogleToolbarNotifier
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {0ce39054-9199-11df-99f8-b3849a73d6d8} - F:\Launcher.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {30e54ac5-7015-11e0-a23a-a83e25eb0a10} - F:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {4f58dd01-106e-11de-91ce-0016ead06574} - F:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {4f58dd20-106e-11de-91ce-0016ead06574} - G:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {81b94334-ed88-11e0-b392-b24126c0b873} - F:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {89e2d272-95ea-11e3-8c71-ec5a9d5979bc} - F:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {d0a77535-ef32-11de-a91a-a6709fc8b795} - G:\setupSNK.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {e62236ee-6030-11de-9804-a8f7a8386e2c} - F:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {e6223701-6030-11de-9804-a8f7a8386e2c} - G:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {f3adc311-73fa-11e0-bc04-b93b3a3865d2} - G:\NokiaPCIA_Autorun.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://xooxle.net/?lr=EEEE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://xooxle.net/?lr=EEEE
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
C:\Program Files\Google\Google Toolbar
BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
C:\Program Files\Skype\Toolbars
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
CHR HomePage: hxxp://xooxle.net/?lr=EEEE
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-07-12]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\ezsid.dat
C:\Users\Zita\AppData\Local\Temp
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
End
*****************
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value not found.
"c:\Program Files\Google\GoogleToolbarNotifier" => File/Directory not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-734645772-2747100602-3289394029-1000" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-734645772-2747100602-3289394029-1000" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ce39054-9199-11df-99f8-b3849a73d6d8}" => Key not found.
"HKCR\CLSID\{0ce39054-9199-11df-99f8-b3849a73d6d8}" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30e54ac5-7015-11e0-a23a-a83e25eb0a10}" => Key not found.
"HKCR\CLSID\{30e54ac5-7015-11e0-a23a-a83e25eb0a10}" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f58dd01-106e-11de-91ce-0016ead06574}" => Key not found.
"HKCR\CLSID\{4f58dd01-106e-11de-91ce-0016ead06574}" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f58dd20-106e-11de-91ce-0016ead06574}" => Key not found.
"HKCR\CLSID\{4f58dd20-106e-11de-91ce-0016ead06574}" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{81b94334-ed88-11e0-b392-b24126c0b873}" => Key not found.
"HKCR\CLSID\{81b94334-ed88-11e0-b392-b24126c0b873}" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{89e2d272-95ea-11e3-8c71-ec5a9d5979bc}" => Key not found.
"HKCR\CLSID\{89e2d272-95ea-11e3-8c71-ec5a9d5979bc}" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d0a77535-ef32-11de-a91a-a6709fc8b795}" => Key not found.
"HKCR\CLSID\{d0a77535-ef32-11de-a91a-a6709fc8b795}" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e62236ee-6030-11de-9804-a8f7a8386e2c}" => Key not found.
"HKCR\CLSID\{e62236ee-6030-11de-9804-a8f7a8386e2c}" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6223701-6030-11de-9804-a8f7a8386e2c}" => Key not found.
"HKCR\CLSID\{e6223701-6030-11de-9804-a8f7a8386e2c}" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3adc311-73fa-11e0-bc04-b93b3a3865d2}" => Key not found.
"HKCR\CLSID\{f3adc311-73fa-11e0-bc04-b93b3a3865d2}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key not found.
"HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key not found.
"HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}" => Key not found.
"HKCR\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key not found.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key not found.
"C:\Program Files\Google\Google Toolbar" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key not found.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key not found.
"C:\Program Files\Skype\Toolbars" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value not found.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value not found.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
"HKCR\PROTOCOLS\Handler\skype-ie-addon-data" => Key not found.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key not found.
Chrome HomePage deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk" => Key not found.
"C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx" => File/Directory not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job" => File/Directory not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job" => File/Directory not found.
"C:\ProgramData\ezsid.dat" => File/Directory not found.
"C:\Users\Zita\AppData\Local\Temp" directory move:
C:\Users\Zita\AppData\Local\Temp\AUCHECK_PARSER.txt => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\Banner_OO_Defrag_Professional_15.bmp => Moved successfully.
Could not move "C:\Users\Zita\AppData\Local\Temp\DAT20913.tmp" => Scheduled to move on reboot.
Could not move "C:\Users\Zita\AppData\Local\Temp\FACTORY0.fpt" => Scheduled to move on reboot.
C:\Users\Zita\AppData\Local\Temp\JAUReg.log => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\java_install.log => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\java_install_reg.log => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\java_install_sp.log => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\jinstall.cfg => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\juninstall_log.html => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\log3 => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\OOLU.log => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\RD8759.tmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\SYMEVENT.LOG => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\tmp7435.tmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\tmp7435.xml => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\tmp7436.tmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\tmpA820.tmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\tmpA820.xml => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\tmpA821.tmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\Zita.bmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\~619F.bat => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\~619F.tmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\~DF5FC7.tmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\~DF63D5.tmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\~DF6B18.tmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\~DF6EC7.tmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\Low\JavaDeployReg.log => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\Low\hsperfdata_Zita\4404 => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\hsperfdata_Zita\1700 => Moved successfully.
Could not move "C:\Users\Zita\AppData\Local\Temp" directory. => Scheduled to move on reboot.
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" => Error: No automatic fix found for this entry.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-08-17 13:31:15)<=
C:\Users\Zita\AppData\Local\Temp\DAT20913.tmp => Is moved successfully.
C:\Users\Zita\AppData\Local\Temp\FACTORY0.fpt => Is moved successfully.
C:\Users\Zita\AppData\Local\Temp => Moved successfully.
==== End of Fixlog ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:16-08-2014 03
Ran by Zita at 2014-08-17 13:19:06 Run:2
Running from D:\Install software\Kontrola havěti
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-20] (Google Inc.)
c:\Program Files\Google\GoogleToolbarNotifier
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {0ce39054-9199-11df-99f8-b3849a73d6d8} - F:\Launcher.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {30e54ac5-7015-11e0-a23a-a83e25eb0a10} - F:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {4f58dd01-106e-11de-91ce-0016ead06574} - F:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {4f58dd20-106e-11de-91ce-0016ead06574} - G:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {81b94334-ed88-11e0-b392-b24126c0b873} - F:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {89e2d272-95ea-11e3-8c71-ec5a9d5979bc} - F:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {d0a77535-ef32-11de-a91a-a6709fc8b795} - G:\setupSNK.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {e62236ee-6030-11de-9804-a8f7a8386e2c} - F:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {e6223701-6030-11de-9804-a8f7a8386e2c} - G:\AutoRun.exe
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\...\MountPoints2: {f3adc311-73fa-11e0-bc04-b93b3a3865d2} - G:\NokiaPCIA_Autorun.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://xooxle.net/?lr=EEEE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://xooxle.net/?lr=EEEE
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
C:\Program Files\Google\Google Toolbar
BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
C:\Program Files\Skype\Toolbars
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
CHR HomePage: hxxp://xooxle.net/?lr=EEEE
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-07-12]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\ezsid.dat
C:\Users\Zita\AppData\Local\Temp
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
End
*****************
HKU\S-1-5-21-734645772-2747100602-3289394029-1000\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value not found.
"c:\Program Files\Google\GoogleToolbarNotifier" => File/Directory not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-734645772-2747100602-3289394029-1000" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-734645772-2747100602-3289394029-1000" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ce39054-9199-11df-99f8-b3849a73d6d8}" => Key not found.
"HKCR\CLSID\{0ce39054-9199-11df-99f8-b3849a73d6d8}" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30e54ac5-7015-11e0-a23a-a83e25eb0a10}" => Key not found.
"HKCR\CLSID\{30e54ac5-7015-11e0-a23a-a83e25eb0a10}" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f58dd01-106e-11de-91ce-0016ead06574}" => Key not found.
"HKCR\CLSID\{4f58dd01-106e-11de-91ce-0016ead06574}" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f58dd20-106e-11de-91ce-0016ead06574}" => Key not found.
"HKCR\CLSID\{4f58dd20-106e-11de-91ce-0016ead06574}" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{81b94334-ed88-11e0-b392-b24126c0b873}" => Key not found.
"HKCR\CLSID\{81b94334-ed88-11e0-b392-b24126c0b873}" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{89e2d272-95ea-11e3-8c71-ec5a9d5979bc}" => Key not found.
"HKCR\CLSID\{89e2d272-95ea-11e3-8c71-ec5a9d5979bc}" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d0a77535-ef32-11de-a91a-a6709fc8b795}" => Key not found.
"HKCR\CLSID\{d0a77535-ef32-11de-a91a-a6709fc8b795}" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e62236ee-6030-11de-9804-a8f7a8386e2c}" => Key not found.
"HKCR\CLSID\{e62236ee-6030-11de-9804-a8f7a8386e2c}" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6223701-6030-11de-9804-a8f7a8386e2c}" => Key not found.
"HKCR\CLSID\{e6223701-6030-11de-9804-a8f7a8386e2c}" => Key not found.
"HKU\S-1-5-21-734645772-2747100602-3289394029-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3adc311-73fa-11e0-bc04-b93b3a3865d2}" => Key not found.
"HKCR\CLSID\{f3adc311-73fa-11e0-bc04-b93b3a3865d2}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key not found.
"HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key not found.
"HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}" => Key not found.
"HKCR\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key not found.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key not found.
"C:\Program Files\Google\Google Toolbar" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key not found.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key not found.
"C:\Program Files\Skype\Toolbars" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value not found.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value not found.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
"HKCR\PROTOCOLS\Handler\skype-ie-addon-data" => Key not found.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key not found.
Chrome HomePage deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk" => Key not found.
"C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx" => File/Directory not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job" => File/Directory not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job" => File/Directory not found.
"C:\ProgramData\ezsid.dat" => File/Directory not found.
"C:\Users\Zita\AppData\Local\Temp" directory move:
C:\Users\Zita\AppData\Local\Temp\AUCHECK_PARSER.txt => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\Banner_OO_Defrag_Professional_15.bmp => Moved successfully.
Could not move "C:\Users\Zita\AppData\Local\Temp\DAT20913.tmp" => Scheduled to move on reboot.
Could not move "C:\Users\Zita\AppData\Local\Temp\FACTORY0.fpt" => Scheduled to move on reboot.
C:\Users\Zita\AppData\Local\Temp\JAUReg.log => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\java_install.log => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\java_install_reg.log => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\java_install_sp.log => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\jinstall.cfg => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\juninstall_log.html => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\log3 => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\OOLU.log => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\RD8759.tmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\SYMEVENT.LOG => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\tmp7435.tmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\tmp7435.xml => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\tmp7436.tmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\tmpA820.tmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\tmpA820.xml => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\tmpA821.tmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\Zita.bmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\~619F.bat => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\~619F.tmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\~DF5FC7.tmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\~DF63D5.tmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\~DF6B18.tmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\~DF6EC7.tmp => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\Low\JavaDeployReg.log => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\Low\hsperfdata_Zita\4404 => Moved successfully.
C:\Users\Zita\AppData\Local\Temp\hsperfdata_Zita\1700 => Moved successfully.
Could not move "C:\Users\Zita\AppData\Local\Temp" directory. => Scheduled to move on reboot.
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" => Error: No automatic fix found for this entry.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-08-17 13:31:15)<=
C:\Users\Zita\AppData\Local\Temp\DAT20913.tmp => Is moved successfully.
C:\Users\Zita\AppData\Local\Temp\FACTORY0.fpt => Is moved successfully.
C:\Users\Zita\AppData\Local\Temp => Moved successfully.
==== End of Fixlog ====
- Přílohy
-
- Minidump.rar
- (614.49 KiB) Staženo 54 x
-
Rudy
- Site Admin
- Příspěvky: 119544
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu (pády Win Vista SP2 na ntb)
Vše bylo smazáno. Co se týká těch pádů, udělejte kontrolu RAM: http://forum.viry.cz/viewtopic.php?f=53&t=106788 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu (pády Win Vista SP2 na ntb)
Panejo to je frmol:-) (omlouvám se, že mi trvalo celý den, než jsem se dostal k tomu dořešit problém podle návodu). RAM otestuji a napíšu, jak to dopadlo.
Zatím moc děkuji za pomoc.
Zatím moc děkuji za pomoc.
-
Rudy
- Site Admin
- Příspěvky: 119544
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu (pády Win Vista SP2 na ntb)
Zatím není zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu (pády Win Vista SP2 na ntb)
RAM vypadá ok (test běžel přes noc a bez chyb). Zkusím, až se kamarád opět zastaví, ještě otestovat procesor a disk + reinstalovat NIS 2014 (při scanu došlo k 1x k výpisu paměti a 1x k resetu ntb). Po fixnutí FRSTem asi nebude třeba ještě kontrolovat pomocí Malwarebytes, že?
Ještě jednou moc děkuji a jinak je asi možné vlákno uzavřít.
Ještě jednou moc děkuji a jinak je asi možné vlákno uzavřít.
-
Rudy
- Site Admin
- Příspěvky: 119544
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu (pády Win Vista SP2 na ntb)
Disk můžeme otestovat snadno a rychle. Stáhněte, nainstalujte a spusťte CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ a přes Úpravy kopírovat sem dejte log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu (pády Win Vista SP2 na ntb)
Opět se omlouvám za zpoždění v reakci. Níže log z Crystal Disk Info:
----------------------------------------------------------------------------
CrystalDiskInfo 6.1.13 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows Vista Home Premium SP2 [6.0 Build 6002] (x86)
Date : 2014/08/22 19:55:07
-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH9M/M-E Family 4 Port SATA AHCI Controller - 2929 [ATA]
+ Kanál IDE (0)
- WDC WD2500BEVS-22UST0 ATA Device
- Kanál IDE (1)
+ Kanál IDE (4)
- Optiarc DVD RW AD-7590S ATA Device
- Kanál IDE (5)
- Iniciátor iSCSI společnosti Microsoft [SCSI]
-- Disk List ---------------------------------------------------------------
(1) WDC WD2500BEVS-22UST0 : 250,0 GB [0/0/0, pd1] - wd
----------------------------------------------------------------------------
(1) WDC WD2500BEVS-22UST0
----------------------------------------------------------------------------
Model : WDC WD2500BEVS-22UST0
Firmware : 01.01A01
Serial Number : WD-WXE608KME010
Disk Size : 250,0 GB (8,4/137,4/250,0/250,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 488397168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/150
Power On Hours : 25112 hod.
Power On Count : 1965 krát
Temperature : 41 C (105 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000002 Počet chyb čtení
03 192 188 _21 000000000556 Čas na roztočení ploten
04 _98 _98 __0 0000000008ED Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _66 _66 __0 000000006218 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 0000000007AD Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000025 Počet vypnutí disku
C1 __3 __3 __0 000000090891 Počet cyklů načítání/vymazání
C2 106 _92 __0 000000000029 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4536 3038 4B4D 4530 3130
020: 0000 4000 0032 3031 2E30 3141 3031 5744 4320 5744
030: 3235 3030 4245 5653 2D32 3255 5354 3020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0702 0000 004C 0040
080: 01FE 0000 746B 7F09 6163 7469 BC09 6163 407F 002E
090: 0000 0080 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 5970 1D1C 0000 0000 0000 0000 0000 0000 5001 4EE2
110: AC65 1957 0000 0000 0000 0000 0000 0000 0000 4010
120: 4010 0000 0000 0000 0000 0000 0000 0000 0009 0000
130: 0000 0000 0000 167A 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 303F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 7BA5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0F 00 C8 C8 02 00 00 00 00 00 00 03 03
010: 00 C0 BC 56 05 00 00 00 00 00 04 32 00 62 62 ED
020: 08 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 0E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 42 42 18 62 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0B 12 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 63 63 AD 07 00 00 00 00 00 C0 32
070: 00 C8 C8 25 00 00 00 00 00 00 C1 32 00 03 03 91
080: 08 09 00 00 00 00 C2 22 00 6A 5C 29 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 12
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 10 00 64 FD 00
0B0: 00 00 00 00 00 00 C7 3E 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 09 00 64 FD 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 DC 23 01 7B
170: 03 00 01 00 02 6E 05 00 00 00 00 00 00 00 00 00
180: 00 01 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 33 C8 C8 C8 C8 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 33 00 00 00 00
050: 00 00 00 00 00 00 0B 33 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 33 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 B1
Ještě doplním, že Malwarebytes spadne pokaždé při heuristické analýze (zbytek - registry, souborový systém, spustitelnou oblast atd. proběhne bez pádu).
----------------------------------------------------------------------------
CrystalDiskInfo 6.1.13 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows Vista Home Premium SP2 [6.0 Build 6002] (x86)
Date : 2014/08/22 19:55:07
-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH9M/M-E Family 4 Port SATA AHCI Controller - 2929 [ATA]
+ Kanál IDE (0)
- WDC WD2500BEVS-22UST0 ATA Device
- Kanál IDE (1)
+ Kanál IDE (4)
- Optiarc DVD RW AD-7590S ATA Device
- Kanál IDE (5)
- Iniciátor iSCSI společnosti Microsoft [SCSI]
-- Disk List ---------------------------------------------------------------
(1) WDC WD2500BEVS-22UST0 : 250,0 GB [0/0/0, pd1] - wd
----------------------------------------------------------------------------
(1) WDC WD2500BEVS-22UST0
----------------------------------------------------------------------------
Model : WDC WD2500BEVS-22UST0
Firmware : 01.01A01
Serial Number : WD-WXE608KME010
Disk Size : 250,0 GB (8,4/137,4/250,0/250,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 488397168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/150
Power On Hours : 25112 hod.
Power On Count : 1965 krát
Temperature : 41 C (105 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000002 Počet chyb čtení
03 192 188 _21 000000000556 Čas na roztočení ploten
04 _98 _98 __0 0000000008ED Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _66 _66 __0 000000006218 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 0000000007AD Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000025 Počet vypnutí disku
C1 __3 __3 __0 000000090891 Počet cyklů načítání/vymazání
C2 106 _92 __0 000000000029 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4536 3038 4B4D 4530 3130
020: 0000 4000 0032 3031 2E30 3141 3031 5744 4320 5744
030: 3235 3030 4245 5653 2D32 3255 5354 3020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0702 0000 004C 0040
080: 01FE 0000 746B 7F09 6163 7469 BC09 6163 407F 002E
090: 0000 0080 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 5970 1D1C 0000 0000 0000 0000 0000 0000 5001 4EE2
110: AC65 1957 0000 0000 0000 0000 0000 0000 0000 4010
120: 4010 0000 0000 0000 0000 0000 0000 0000 0009 0000
130: 0000 0000 0000 167A 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 303F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 7BA5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0F 00 C8 C8 02 00 00 00 00 00 00 03 03
010: 00 C0 BC 56 05 00 00 00 00 00 04 32 00 62 62 ED
020: 08 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 0E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 42 42 18 62 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0B 12 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 63 63 AD 07 00 00 00 00 00 C0 32
070: 00 C8 C8 25 00 00 00 00 00 00 C1 32 00 03 03 91
080: 08 09 00 00 00 00 C2 22 00 6A 5C 29 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 12
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 10 00 64 FD 00
0B0: 00 00 00 00 00 00 C7 3E 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 09 00 64 FD 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 DC 23 01 7B
170: 03 00 01 00 02 6E 05 00 00 00 00 00 00 00 00 00
180: 00 01 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 33 C8 C8 C8 C8 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 33 00 00 00 00
050: 00 00 00 00 00 00 0B 33 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 33 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 B1
Ještě doplním, že Malwarebytes spadne pokaždé při heuristické analýze (zbytek - registry, souborový systém, spustitelnou oblast atd. proběhne bez pádu).
-
Rudy
- Site Admin
- Příspěvky: 119544
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu (pády Win Vista SP2 na ntb)
Diskem to není, je OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu (pády Win Vista SP2 na ntb)
Děkuji za info a pomoc. Při posledním pokusu doběhla heuristická analýza marwerbytes bez pádu aplikace, dokonce nakonec i defragmentace bez pádu (systémový disk byl dost fragmentovaný), ale NIS stále padá při kompletní kontrole (rychlá proběhne korektně).
Je možné, že jsou nakopnuté widle, zkusím opravit pomocí recovery disku (pokud to bude možné), případně nový install win vista, případně přechod na win 7.
Ještě jednou děkuji a myslím, že je možné vlákno uzavřít
Je možné, že jsou nakopnuté widle, zkusím opravit pomocí recovery disku (pokud to bude možné), případně nový install win vista, případně přechod na win 7.
Ještě jednou děkuji a myslím, že je možné vlákno uzavřít
-
Rudy
- Site Admin
- Příspěvky: 119544
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu (pády Win Vista SP2 na ntb)
OK a nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?