Blue screen

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

#16 Post by Márty84 »

Iva212 wrote: And those earlier findings, what were they actually?
Nothing serious; the bigger problem is the disk, which may be the cause of the trouble. We'll see after the cleanup is finished.


:arrow: Post new FRST logs
If you have a question that is not meant for the public, you can e-mail me at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For lack of time I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

Iva212
Visitor
Posts: 254
Registered: 18 May 2012 21:31
Location: krásne

#17 Post by Iva212 »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27.01.2018
Ran by Iva (administrator) on IVA-PC (07-02-2018 16:26:52)
Running from C:\Users\Iva\Desktop
Loaded Profiles: Iva (Available Profiles: Iva)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lexmark International, Inc.) C:\Windows\System32\LEXBCES.EXE
(Lexmark International, Inc.) C:\Windows\System32\LEXPPS.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
(Microsoft Corporation) C:\Windows\System32\IgrsSvcs.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files\Lenovo\Energy Management\Energy Management.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [EnergyUtility] => C:\Program Files\Lenovo\Energy Management\utility.exe [4081480 2009-07-15] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files\Lenovo\Energy Management\Energy Management.exe [5064520 2009-06-25] (Lenovo (Beijing) Limited)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2017-12-21] (Avira Operations GmbH & Co. KG)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5A6B09D9-D8F4-4C90-A6A4-7B84A2405D60}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=hxxp://mail.google.com/mail/&scc=1&ltmpl=default&ltmplcache=2
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-30654545-3194649466-4156373986-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO: Pomocník pri prihlasovaní v konte Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default [2018-02-07]
FF user.js: detected! => C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\user.js [2016-11-27]
FF Session Restore: Mozilla\Firefox\Profiles\ihm4dqwj.default -> is enabled.
FF Extension: (Flash Video Downloader) - C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\Extensions\artur.dubovoy@gmail.com.xpi [2018-01-20]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-01-11]
FF Extension: (Flash and Video Download) - C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2018-02-04]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-04-08] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2009-06-09] (Microsoft Corp.)
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files\Sony\Media Go\npmediago.dll [2010-01-20] (Sony Media Software and Services Inc)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-30654545-3194649466-4156373986-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Iva\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-11] (Skype Limited)

Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default [2018-02-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-25]
CHR Extension: (Chrome Media Router) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-10]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [1128944 2017-12-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [492560 2018-01-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [492560 2018-01-06] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1526832 2017-12-19] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [444600 2017-12-21] (Avira Operations GmbH & Co. KG)
S3 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [582944 2009-07-01] (Broadcom Corporation.)
R2 IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [414984 2009-07-28] (Lenovo Group Limited)
S3 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [472328 2009-07-28] (Lenovo Group Limited)
R2 LexBceS; C:\windows\System32\LEXBCES.EXE [303104 2003-08-18] (Lexmark International, Inc.) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4563920 2017-11-01] (Malwarebytes)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S3 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
S3 PS_MDP; C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited)
R2 ReadyComm.DirectRouter; C:\Program Files\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo Group Limited)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ACPIVPC; C:\windows\System32\DRIVERS\AcpiVpc.sys [23136 2010-01-20] (Lenovo Corporation)
R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [46440 2017-06-20] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [130912 2017-10-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [153664 2017-09-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [35840 2017-03-23] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [59000 2017-03-23] (Avira Operations GmbH & Co. KG)
S3 Bridge0; C:\windows\System32\drivers\WDBridge.sys [63240 2009-07-28] (Lenovo)
R3 Btcsrusb; C:\windows\System32\Drivers\btcusb.sys [47504 2016-11-27] (IVT Corporation.)
R1 HWiNFO32; C:\windows\system32\drivers\HWiNFO32.SYS [23840 2016-11-27] (REALiX(tm))
S3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [221112 2018-02-06] (Malwarebytes)
R2 npf; C:\windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
S3 RSUSBSTOR; C:\windows\System32\Drivers\RtsUStor.sys [171520 2009-07-30] (Realtek Semiconductor Corp.) [File not signed]
S3 RTSUER; C:\windows\System32\Drivers\RtsUer.sys [304344 2016-11-27] (Realsil Semiconductor Corporation)
S3 s1039mdm; C:\windows\System32\DRIVERS\s1039mdm.sys [124016 2010-03-15] (MCCI Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\windows\System32\DRIVERS\Smb_driver_Intel.sys [26792 2016-11-27] (Synaptics Incorporated)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1759616 2009-03-13] ()
R3 wdmirror; C:\windows\System32\DRIVERS\WDMirror.sys [11792 2009-07-16] (Windows (R) Codename Longhorn DDK provider)
S3 wsvd; C:\windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink)
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-07 06:54 - 2018-02-07 07:05 - 184508985 _____ C:\Users\Iva\Downloads\Ulice 3399 dil.mp4
2018-02-06 21:58 - 2018-02-06 21:58 - 000221112 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2018-02-06 19:43 - 2018-02-06 19:43 - 000752348 _____ C:\Users\Iva\Downloads\Organizacna_struktura_platna_od_01.03.2015.pdf
2018-02-06 04:40 - 2018-02-06 04:51 - 190821053 _____ C:\Users\Iva\Downloads\Ulice 3398 dil.mp4
2018-02-05 20:44 - 2018-02-05 20:44 - 000000896 _____ C:\Users\Iva\Desktop\HD Tune.lnk
2018-02-05 20:31 - 2018-02-05 20:31 - 000014262 _____ C:\Users\Iva\Desktop\MBAM SCAN.txt
2018-02-04 12:42 - 2018-02-04 12:42 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-02-04 12:42 - 2018-02-04 12:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-02-04 12:42 - 2018-02-04 12:42 - 000000000 ____D C:\Program Files\Malwarebytes
2018-02-04 12:42 - 2017-11-29 09:11 - 000059896 _____ C:\windows\system32\Drivers\mbae.sys
2018-02-04 08:33 - 2018-02-04 08:23 - 008206624 _____ (Malwarebytes) C:\Users\Iva\Desktop\adwcleaner_7.0.7.0.exe
2018-02-02 21:49 - 2018-02-02 21:49 - 000022268 _____ C:\Users\Iva\Desktop\Addition.txt
2018-02-02 21:45 - 2018-02-07 16:29 - 000013098 _____ C:\Users\Iva\Desktop\FRST.txt
2018-02-02 21:36 - 2018-02-02 21:38 - 000112640 _____ (forum.viry.cz) C:\Users\Iva\Desktop\FRSTLauncher(1).exe
2018-02-02 21:29 - 2018-02-02 21:29 - 001754112 _____ (Farbar) C:\Users\Iva\Desktop\FRST.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-07 16:09 - 2009-07-14 05:34 - 000018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-02-07 16:09 - 2009-07-14 05:34 - 000018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-02-07 06:32 - 2009-09-23 02:25 - 000848194 _____ C:\windows\system32\PerfStringBackup.INI
2018-02-07 06:32 - 2009-07-14 03:37 - 000000000 ____D C:\windows\inf
2018-02-07 06:30 - 2016-11-19 16:55 - 000000000 ____D C:\Users\Iva\AppData\LocalLow\Mozilla
2018-02-07 06:25 - 2009-07-14 05:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-02-06 21:57 - 2016-01-18 15:45 - 000000000 ____D C:\Users\Iva\Desktop\Kontrola_Cistenie_Oprava_disku
2018-02-05 20:44 - 2014-04-03 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2018-02-05 20:44 - 2014-04-03 21:21 - 000000000 ____D C:\Program Files\HD Tune
2018-02-04 13:03 - 2017-12-03 18:51 - 000000000 ____D C:\KMPlayer
2018-02-04 12:42 - 2012-10-02 18:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-02-04 08:47 - 2016-11-27 19:56 - 000000000 ____D C:\ProgramData\IObit
2018-02-04 08:47 - 2013-12-09 21:34 - 000000000 ____D C:\AdwCleaner
2018-02-04 08:47 - 2010-01-29 17:48 - 000000000 ____D C:\Users\Iva
2018-02-04 08:46 - 2016-11-27 19:57 - 000000000 ____D C:\Users\Iva\AppData\LocalLow\IObit
2018-02-04 08:46 - 2016-11-27 19:57 - 000000000 ____D C:\Program Files\Common Files\IObit
2018-02-04 08:46 - 2016-11-27 19:56 - 000000000 ____D C:\Users\Iva\AppData\Roaming\IObit
2018-02-02 21:42 - 2014-04-01 15:42 - 000000000 ____D C:\FRST
2018-01-30 18:45 - 2012-04-25 04:28 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2018-01-30 14:13 - 2014-03-31 17:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-01-29 20:37 - 2014-12-29 09:54 - 000000000 ____D C:\Dokumenty_od_29-12-2014
2018-01-29 20:33 - 2015-02-08 09:56 - 000000000 ____D C:\Users\Iva\Downloads\Jedlo
2018-01-19 16:18 - 2017-12-14 17:43 - 000000000 ____D C:\Users\Iva\Downloads\Doklady
2018-01-14 08:46 - 2010-01-29 18:56 - 000113968 _____ C:\Users\Iva\AppData\Local\GDIPFONTCACHEV1.DAT
2018-01-14 08:44 - 2009-07-14 05:33 - 000412888 _____ C:\windows\system32\FNTCACHE.DAT
2018-01-10 17:15 - 2013-07-24 19:02 - 000000000 ____D C:\windows\system32\MRT
2018-01-10 17:04 - 2017-10-11 16:08 - 126487616 ____C (Microsoft Corporation) C:\windows\system32\MRT-KB890830.exe
2018-01-10 17:03 - 2010-01-29 18:41 - 126487616 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe

==================== Files in the root of some directories =======

2012-04-04 20:10 - 2010-01-26 10:11 - 000444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2011-09-26 20:23 - 2011-10-01 08:24 - 000007722 _____ () C:\Users\Iva\AppData\Roaming\mdbu.bin
2010-05-08 19:34 - 2014-01-13 18:21 - 000005632 _____ () C:\Users\Iva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-01-16 09:01 - 2017-01-23 09:44 - 000007608 _____ () C:\Users\Iva\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-07 05:31

==================== End of FRST.txt ============================
Attachments
Addition.zip
(12.39 KiB) Downloaded 86 times

#18 Post by Márty84 »

:arrow: Uninstall MBAM and SuperAntiSpyware


:arrow: Open Notepad and copy this script into it

Code:

Start
CloseProcesses:
CreateRestorePoint:

SearchScopes: HKLM -> DefaultScope value is missing

FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

ContextMenuHandlers1: [DefragglerShellExtension] -> [CC]{4380C993-0C43-4E02-9A7A-0D40B6EA7590} =>  -> No File
ContextMenuHandlers6: [DefragglerShellExtension] -> [CC]{4380C993-0C43-4E02-9A7A-0D40B6EA7590} =>  -> No File

Task: {469828B2-72F9-42A7-BCEB-C0F86FD65980} - \Driver Booster SkipUAC (Iva) -> No File <==== ATTENTION
Task: {84873E8E-F790-4CD4-B331-28E544A6C53B} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {B226F53B-E6B9-4009-9018-E0C25F4D2D5A} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION

AlternateDataStreams: C:\Users\Iva:zylomtest [0]
AlternateDataStreams: C:\Users\Iva:zylomtr{000HQ7FF-AD7A-3FG6-LH31-23G9CBQV6VSR} [36]
AlternateDataStreams: C:\ProgramData\Temp:7A602D78 [105]
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [112]

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ

Hosts:
EmptyTemp:
Reboot:
End
In the top left, click File.
Click Save As...
Type the name shown in red, fixlist, correctly and save it to the desktop.
Turn off your antivirus and any other security software.
Run FRST as administrator, click Fix, and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.

#19 Post by Iva212 »

Fix result of Farbar Recovery Scan Tool (x86) Version: 27.01.2018
Ran by Iva (08-02-2018 16:19:54) Run:1
Running from C:\Users\Iva\Desktop
Loaded Profiles: Iva (Available Profiles: Iva)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

SearchScopes: HKLM -> DefaultScope value is missing

FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

ContextMenuHandlers1: [DefragglerShellExtension] -> [CC]{4380C993-0C43-4E02-9A7A-0D40B6EA7590} => -> No File
ContextMenuHandlers6: [DefragglerShellExtension] -> [CC]{4380C993-0C43-4E02-9A7A-0D40B6EA7590} => -> No File

Task: {469828B2-72F9-42A7-BCEB-C0F86FD65980} - \Driver Booster SkipUAC (Iva) -> No File <==== ATTENTION
Task: {84873E8E-F790-4CD4-B331-28E544A6C53B} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {B226F53B-E6B9-4009-9018-E0C25F4D2D5A} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION

AlternateDataStreams: C:\Users\Iva:zylomtest [0]
AlternateDataStreams: C:\Users\Iva:zylomtr{000HQ7FF-AD7A-3FG6-LH31-23G9CBQV6VSR} [36]
AlternateDataStreams: C:\ProgramData\Temp:7A602D78 [105]
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [112]

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => removed successfully.
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\DefragglerShellExtension" => removed successfully.
HKLM\Software\Classes\CLSID\[CC]{4380C993-0C43-4E02-9A7A-0D40B6EA7590} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\DefragglerShellExtension" => removed successfully.
HKLM\Software\Classes\CLSID\[CC]{4380C993-0C43-4E02-9A7A-0D40B6EA7590} => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{469828B2-72F9-42A7-BCEB-C0F86FD65980} => could not remove. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{469828B2-72F9-42A7-BCEB-C0F86FD65980}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Iva)" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{84873E8E-F790-4CD4-B331-28E544A6C53B}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84873E8E-F790-4CD4-B331-28E544A6C53B}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B226F53B-E6B9-4009-9018-E0C25F4D2D5A}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B226F53B-E6B9-4009-9018-E0C25F4D2D5A}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
C:\Users\Iva => ":zylomtest" ADS removed successfully.
C:\Users\Iva => ":zylomtr{000HQ7FF-AD7A-3FG6-LH31-23G9CBQV6VSR}" ADS removed successfully.
C:\ProgramData\Temp => ":7A602D78" ADS removed successfully.
C:\ProgramData\Temp => ":D1B5B4F1" ADS removed successfully.
"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" => removed successfully.
"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ" => removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13514799 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 39130 B
Edge => 0 B
Chrome => 37939280 B
Firefox => 384200378 B
Opera => 549888 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 33058 B
Public => 0 B
ProgramData => 0 B
systemprofile => 49697 B
LocalService => 33326 B
NetworkService => 33058 B
Iva => 272716836 B

RecycleBin => 0 B
EmptyTemp: => 684.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:22:41 ====
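
Added example (not part of the thread and not FRST's own code): a small Python triage of a Fixlog like the one in post #19. It skips the echoed fixlist, classifies each `=>` result line, and surfaces the entries that were not removed. The sample is an excerpt of that Fixlog; the function names and the reading of `ErrorCode` as a Win32 error code are assumptions.

```python
import re
from collections import Counter

# Excerpt of the Fixlog from post #19, embedded so the example runs offline.
SAMPLE_FIXLOG = r'''
Fix result of Farbar Recovery Scan Tool (x86) Version: 27.01.2018
Ran by Iva (08-02-2018 16:19:54) Run:1

==============================================

fixlist content:
*****************
Start
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
Task: {469828B2-72F9-42A7-BCEB-C0F86FD65980} - \Driver Booster SkipUAC (Iva) -> No File <==== ATTENTION
End
*****************

Processes closed successfully.
"HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => removed successfully.
HKLM\Software\Classes\CLSID\[CC]{4380C993-0C43-4E02-9A7A-0D40B6EA7590} => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{469828B2-72F9-42A7-BCEB-C0F86FD65980} => could not remove. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{469828B2-72F9-42A7-BCEB-C0F86FD65980}" => removed successfully.
C:\Users\Iva => ":zylomtest" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

Firefox => 384200378 B
'''

ERROR_RE = re.compile(r"ErrorCode\d*:\s*(0x[0-9A-Fa-f]+)")

# Assumption: the code FRST prints is a Win32 error code.
WIN32_HINTS = {2: "ERROR_FILE_NOT_FOUND", 5: "ERROR_ACCESS_DENIED"}


def result_lines(fixlog):
    """Yield '=>' result lines, skipping the echoed fixlist and EmptyTemp stats."""
    has_echo = "fixlist content:" in fixlog
    stars = 0
    for raw in fixlog.splitlines():
        line = raw.strip()
        if has_echo and stars < 2:
            # The echo sits between two rows of asterisks; its own lines can
            # contain '=>' (copied from the scan log) and must not be counted.
            if line and set(line) == {"*"}:
                stars += 1
            continue
        if line.startswith("====="):
            break  # EmptyTemp byte counts and the footer follow
        if " => " in line:
            yield line


def classify(line):
    """Split one result line into target, status and optional error code."""
    target, result = line.split(" => ", 1)
    entry = {"target": target.strip('"'), "status": "other", "code": None, "hint": None}
    if "could not" in result:
        entry["status"] = "failed"
        match = ERROR_RE.search(result)
        if match:
            entry["code"] = int(match.group(1), 16)
            entry["hint"] = WIN32_HINTS.get(entry["code"])
    elif result.startswith("not found"):
        entry["status"] = "absent"   # nothing to remove, usually harmless
    elif "successfully" in result:
        entry["status"] = "ok"
    return entry


def summarize(fixlog):
    """Return (status counts, list of failed entries) for a Fixlog text."""
    entries = [classify(line) for line in result_lines(fixlog)]
    counts = Counter(entry["status"] for entry in entries)
    failures = [entry for entry in entries if entry["status"] == "failed"]
    return counts, failures


if __name__ == "__main__":
    counts, failures = summarize(SAMPLE_FIXLOG)
    print(dict(counts))
    for entry in failures:
        print("NOT REMOVED:", entry["target"], hex(entry["code"]), entry["hint"])
```
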

#20 Post by Márty84 »

:!: Run all of these programs, including any installers, as administrator (right-click them and choose Run as administrator)

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option ticked
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation, watch out for the toolbar (or other add-ons); if it offers to install one, untick the box.
After launch you will be in the Cleaner function. There are many checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it ticked, it will always be emptied.
Also, depending on how it is set up, it will delete all passwords saved for websites!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze, and when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for Issues; if it finds any, click Fix Issues. It will offer you a backup; make one and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has several user accounts, use the program in each of them as well.)

:arrow: Defragment the disk(s) (not SSDs!)
Download Defraggler https://www.piriform.com/defraggler/download/standard
During installation, again watch out for the toolbar and other junk.
After installing, run the program and click Analyze; after the analysis click Defrag and the program will do its job.

:arrow: Then write how the PC is doing.

#21 Post by Iva212 »

So hopefully I managed all of it.
The notebook is much snappier.

Thank you

#22 Post by Márty84 »

You're welcome! :-)

If the blue screen of death comes back, or there is some other problem, we'll be here ;-)

Take care, and maybe see you again sometime :bye:

:closed:

Locked