Omlouvám se za delší odmlku. Přidávám log z OTL
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{89B44CB8-9803-4846-9DB8-CC8C34354D6B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89B44CB8-9803-4846-9DB8-CC8C34354D6B}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
127.0.0.1 localhost removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
C:\Users\Tomáš\AppData\Local\Facebook\Update\FacebookUpdate.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7815BE26-237D-41A8-A98F-F7BD75F71086}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7815BE26-237D-41A8-A98F-F7BD75F71086}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
C:\Windows\SysNative\perfh005.dat moved successfully.
C:\Windows\SysNative\perfh009.dat moved successfully.
C:\Windows\SysNative\perfc005.dat moved successfully.
C:\Windows\SysNative\perfc009.dat moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
C:\WINDOWS\msdownld.tmp folder moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\HPCeeScheduleForTOMAS-HP$.job moved successfully.
c:\windows\Tasks\HPCeeScheduleForTomáš.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Windows\SysNative\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
C:\32788R22FWJFW folder moved successfully.
Folder move failed. C:\Qoobox\BackEnv scheduled to be moved on reboot.
C:\Qoobox folder moved successfully.
C:\found.000\dir0000.chk folder moved successfully.
C:\found.000 folder moved successfully.
File\Folder [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] not found.
C:\Users\Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: Tom ç
->Temp folder emptied: 0 bytes
User: Tomáš
->Temp folder emptied: 7183157 bytes
->Temporary Internet Files folder emptied: 7212297 bytes
->Java cache emptied: 860159 bytes
->Google Chrome cache emptied: 68006622 bytes
->Flash cache emptied: 1206 bytes
User: user
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 93684 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36063419 bytes
RecycleBin emptied: 1410447160 bytes
Total Files Cleaned = 1 459,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 01032013_202552
Files\Folders moved on Reboot...
File\Folder C:\Qoobox\BackEnv not found!
C:\Users\Tomáš\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z29B0S00\300x250iframeintlv2[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z29B0S00\989002608[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z29B0S00\AdDisplayTrackerServlet[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z29B0S00\emily[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z29B0S00\PugTracker[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z29B0S00\tag[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UFY3BF0Z\AdDisplayTrackerServlet[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UFY3BF0Z\adTagInfo[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UFY3BF0Z\dppix[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UFY3BF0Z\dpsync[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CFKAFLUV\AdDisplayTrackerServlet[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CFKAFLUV\AdDisplayTrackerServlet[2].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CFKAFLUV\Artemis[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CFKAFLUV\dpsync[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2WCXUQQ7\addons-tracker-v4[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2WCXUQQ7\addons-v4[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2WCXUQQ7\dpsync[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2WCXUQQ7\freq[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2WCXUQQ7\syncuppixels[1].htm moved successfully.
File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Prosím o kontrolu logu - problémy s PC +
Re: Prosím o kontrolu logu - problémy s PC
https://www.virustotal.com/file/19360a6 ... /analysis/
https://www.virustotal.com/file/6d85f70 ... /analysis/
BioTrustFace.dat nelze otestovat, má 85MB a lze otestovat jen 32 MB, takže co teď?
https://www.virustotal.com/file/6d85f70 ... /analysis/
BioTrustFace.dat nelze otestovat, má 85MB a lze otestovat jen 32 MB, takže co teď?
Re: Prosím o kontrolu logu - problémy s PC
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-03 21:12:09
-----------------------------
21:12:09.164 OS Version: Windows x64 6.1.7601 Service Pack 1
21:12:09.165 Number of processors: 4 586 0x2A07
21:12:09.167 ComputerName: TOMAS-HP UserName: Tomáš
21:12:12.695 Initialize success
21:12:13.668 AVAST engine defs: 13010300
21:12:17.622 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:12:17.627 Disk 0 Vendor: Hitachi_ JEDO Size: 610480MB BusType: 3
21:12:17.643 Disk 0 MBR read successfully
21:12:17.649 Disk 0 MBR scan
21:12:17.656 Disk 0 Windows 7 default MBR code
21:12:17.662 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 300 MB offset 2048
21:12:17.674 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 587735 MB offset 616448
21:12:17.711 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17321 MB offset 1204297728
21:12:17.730 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 5115 MB offset 1239771136
21:12:17.765 Disk 0 scanning C:\windows\system32\drivers
21:12:32.435 Service scanning
21:13:04.922 Modules scanning
21:13:04.941 Disk 0 trace - called modules:
21:13:04.964 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys iaStor.sys hal.dll
21:13:04.975 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004ed7060]
21:13:04.987 3 CLASSPNP.SYS[fffff88001ba043f] -> nt!IofCallDriver -> [0xfffffa8004ff3b10]
21:13:04.999 5 hpdskflt.sys[fffff88001b47361] -> nt!IofCallDriver -> [0xfffffa8004c5da40]
21:13:05.004 7 ACPI.sys[fffff88000ee57a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004c61050]
21:13:05.974 AVAST engine scan C:\windows
21:13:09.119 AVAST engine scan C:\windows\system32
21:16:20.210 AVAST engine scan C:\windows\system32\drivers
21:16:35.310 AVAST engine scan C:\Users\Tomáš
21:23:08.438 AVAST engine scan C:\ProgramData
21:27:35.840 Scan finished successfully
21:27:57.173 Disk 0 MBR has been saved successfully to "C:\Users\Tomáš\Desktop\MBR.dat"
21:27:57.179 The log file has been saved successfully to "C:\Users\Tomáš\Desktop\aswMBR.txt"
Run date: 2013-01-03 21:12:09
-----------------------------
21:12:09.164 OS Version: Windows x64 6.1.7601 Service Pack 1
21:12:09.165 Number of processors: 4 586 0x2A07
21:12:09.167 ComputerName: TOMAS-HP UserName: Tomáš
21:12:12.695 Initialize success
21:12:13.668 AVAST engine defs: 13010300
21:12:17.622 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:12:17.627 Disk 0 Vendor: Hitachi_ JEDO Size: 610480MB BusType: 3
21:12:17.643 Disk 0 MBR read successfully
21:12:17.649 Disk 0 MBR scan
21:12:17.656 Disk 0 Windows 7 default MBR code
21:12:17.662 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 300 MB offset 2048
21:12:17.674 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 587735 MB offset 616448
21:12:17.711 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17321 MB offset 1204297728
21:12:17.730 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 5115 MB offset 1239771136
21:12:17.765 Disk 0 scanning C:\windows\system32\drivers
21:12:32.435 Service scanning
21:13:04.922 Modules scanning
21:13:04.941 Disk 0 trace - called modules:
21:13:04.964 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys iaStor.sys hal.dll
21:13:04.975 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004ed7060]
21:13:04.987 3 CLASSPNP.SYS[fffff88001ba043f] -> nt!IofCallDriver -> [0xfffffa8004ff3b10]
21:13:04.999 5 hpdskflt.sys[fffff88001b47361] -> nt!IofCallDriver -> [0xfffffa8004c5da40]
21:13:05.004 7 ACPI.sys[fffff88000ee57a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004c61050]
21:13:05.974 AVAST engine scan C:\windows
21:13:09.119 AVAST engine scan C:\windows\system32
21:16:20.210 AVAST engine scan C:\windows\system32\drivers
21:16:35.310 AVAST engine scan C:\Users\Tomáš
21:23:08.438 AVAST engine scan C:\ProgramData
21:27:35.840 Scan finished successfully
21:27:57.173 Disk 0 MBR has been saved successfully to "C:\Users\Tomáš\Desktop\MBR.dat"
21:27:57.179 The log file has been saved successfully to "C:\Users\Tomáš\Desktop\aswMBR.txt"
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43294
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu - problémy s PC +
BioTrustFace.dat to nech.
Jaké jsou problémy?
Jaké jsou problémy?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu - problémy s PC +
řekl bych, že to s tím internetem už je v pořádku, ale OS pořád strašně dlouho nabíhá...
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43294
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu - problémy s PC +
Udělej znovu crystaldiskinfo
+
Memtest 86
http://www.memtest86.com/
klikni vlevo na Free Download , vyber:
ISO image for creating bootable CD (Windows - zip) , stáhni , rozbal , otevři , vypal třeba v programu:
http://www.slunecnice.cz/sw/active-iso-burner/
Vlož do mechaniky a nabootuj z něj.
Test udělej alespoň 8h ( přes noc).
+
Memtest 86
http://www.memtest86.com/
klikni vlevo na Free Download , vyber:
ISO image for creating bootable CD (Windows - zip) , stáhni , rozbal , otevři , vypal třeba v programu:
http://www.slunecnice.cz/sw/active-iso-burner/
Vlož do mechaniky a nabootuj z něj.
Test udělej alespoň 8h ( přes noc).
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 111 hostů