CPU and disk load

Jeanbob
Visitor
Posts: 10
Registered: 19 Nov 2006 10:49

#1 Post by Jeanbob

Hello,
I'd like a preventive check, please. Previously, disk usage would occasionally spike in Task Manager when opening the browser or during ESET updates.
Now, though, the CPU spikes with ESET, and above all the notebook freezes when the screensaver loads - the framework service ngen.exe (but I don't know where exactly it is in Services, or whether I can disable it at all).

Thanks

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2018
Ran by Vojtěch (administrator) on NH4E7QW (20-04-2018 21:49:20)
Running from C:\Users\Vojtěch\Desktop
Loaded Profiles: Vojtěch (Available Profiles: Vojtěch)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Program Files (x86)\Photodex\ProShowProducer\scsiaccess.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe
(f.lux Software LLC) C:\Users\Vojtěch\AppData\Local\FluxSoftware\Flux\flux.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.64\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
(Farbar) C:\Users\Vojtěch\Desktop\FRST64 (1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-11-12] (IDT, Inc.)
HKLM\...\Run: [HP Color LaserJet CM1312 MFP Series Fax] => C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe [2786768 2016-11-29] (Malwarebytes)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285832 2013-05-04] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976 2012-09-19] (IVT Corporation)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-11-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493088 2012-11-21] (CyberLink Corp.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-866173097-1738320259-1985661619-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-866173097-1738320259-1985661619-1002\...\Run: [Boxoft Tools] => C:\ProgramData\Boxtools\Boxofttoolbox.exe [514048 2010-12-15] ()
HKU\S-1-5-21-866173097-1738320259-1985661619-1002\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-866173097-1738320259-1985661619-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [3102496 2017-10-30] (Valve Corporation)
HKU\S-1-5-21-866173097-1738320259-1985661619-1002\...\Run: [5KPlayer] => C:\Program Files (x86)\DearMob\5KPlayer\5KPlayer.exe [26735424 2017-08-03] (Dearmob)
HKU\S-1-5-21-866173097-1738320259-1985661619-1002\...\Run: [f.lux] => C:\Users\Vojtěch\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-10] (f.lux Software LLC)
HKU\S-1-5-21-866173097-1738320259-1985661619-1002\...\Run: [CPN Notifier] => C:\Program Files (x86)\The Greek Poker 2.0\PokerNotifier.exe
HKU\S-1-5-21-866173097-1738320259-1985661619-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\Snow3.scr [352256 2009-06-29] (Thomas Olesch)
HKU\S-1-5-18\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1712672 2012-11-21] (CyberLink Corp.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-12-31]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3FB67058-48F5-41DB-BA61-F9D104C15A78}: [DhcpNameServer] 10.11.0.1
Tcpip\..\Interfaces\{A4F71677-C072-4D8A-96CA-BDC340144CF4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B6DD668F-0FE8-4988-9F15-2792B0BCA99F}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-866173097-1738320259-1985661619-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-03-05] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-05] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2014-09-24] (FreeDownloadManager.ORG)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\SKYPE4~1.DLL [2017-01-02] (Skype Technologies)
Handler: WSWSVCUchrome - No CLSID Value

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-12-10] [Legacy] [not signed]
FF HKU\S-1-5-21-866173097-1738320259-1985661619-1002\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Vojtěch\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-10-26] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-05] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-26] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-04] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2012-10-26] (DigitalPersona, Inc.)
FF Plugin HKU\S-1-5-21-866173097-1738320259-1985661619-1002: @citrixonline.com/appdetectorplugin -> C:\Users\Vojtěch\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2017-01-28] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Users\Vojtěch\AppData\Roaming\mozilla\plugins\npPxPlay.dll [2014-03-18] ( )

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default [2018-04-15]
CHR Extension: (Ace Script) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2017-12-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-29]
CHR Extension: (Chrome Media Router) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-31]
CHR HKU\S-1-5-21-866173097-1738320259-1985661619-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1612552 2012-09-26] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [146184 2012-09-19] (IVT Corporation)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [488824 2012-10-26] (DigitalPersona, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2847736 2018-04-02] (ESET)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [477056 2012-11-19] (Hewlett-Packard Company)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [107520 2016-09-15] (Freemake) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2016-09-15] (Ellora Assets Corp.) [File not signed]
S3 GDOCService; C:\Program Files (x86)\Global Graphics\gDocPDFServer\MWFSrv.exe [77824 2010-08-27] (Global Graphics) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-10-16] (Hewlett-Packard Company)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2014-02-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2014-02-04] (Intel Corporation)
S3 Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2015-03-22] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-11-29] (Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1719040 2016-08-10] (PDF Complete Inc)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2014-10-10] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [214520 2014-11-21] ()
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe [181312 2014-03-18] () [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-11-12] (IDT, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
S2 postgresql-x64-9.3; "C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe" runservice -N "postgresql-x64-9.3" -D "C:/Program Files/PostgreSQL/9.3/data" -w [X] <==== ATTENTION
S2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-12-21] ()
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48608 2012-10-02] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [64832 2012-11-09] (Hewlett-Packard Company)
S3 dtproscsibus; C:\Windows\System32\drivers\dtproscsibus.sys [30264 2017-01-02] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132280 2018-04-02] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [212096 2016-10-13] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [180024 2018-04-02] (ESET)
R1 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [70960 2018-04-02] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77408 2016-12-12] ()
S0 giveio; C:\Windows\SysWOW64\drivers\giveio.sys [5248 1996-04-03] () [File not signed]
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-12-21] ()
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176064 2016-12-10] (Malwarebytes)
S3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [102856 2016-12-12] (Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2016-12-12] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [250816 2018-04-15] (Malwarebytes)
S3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [91584 2016-12-12] (Malwarebytes)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-15] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-15] (Synaptics Incorporated)
R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [1864328 2012-10-04] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [394296 2017-01-02] (Duplex Secure Ltd.)
U3 TrueSight; C:\Windows\System32\Drivers\TrueSight.sys [30848 2015-12-29] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-06-27] (Hewlett-Packard Development Company, L.P.)
U0 aswVmm; no ImagePath
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-20 21:49 - 2018-04-20 21:51 - 000023229 _____ C:\Users\Vojtěch\Desktop\FRST.txt
2018-04-20 21:48 - 2018-04-20 21:48 - 002404352 _____ (Farbar) C:\Users\Vojtěch\Desktop\FRST64 (1).exe
2018-04-20 21:48 - 2018-04-20 21:48 - 000112640 _____ (forum.viry.cz) C:\Users\Vojtěch\Desktop\FRSTLauncher.exe
2018-04-20 21:48 - 2018-04-20 21:48 - 000029696 _____ C:\Users\Vojtěch\AppData\Local\MSGBOX.EXE
2018-04-20 21:48 - 2018-04-20 21:48 - 000015327 _____ C:\Users\Vojtěch\Desktop\LM.bat
2018-04-20 19:33 - 2018-04-20 19:40 - 1593235526 _____ C:\Users\Vojtěch\Downloads\Cube.1997.1080p.BrRip.x264.cze.eng.mkv
2018-04-20 19:25 - 2018-04-20 21:47 - 000001078 _____ C:\Windows\system32dbgraw.bmp
2018-04-20 00:05 - 2018-04-20 00:06 - 093291525 _____ C:\Users\Vojtěch\Downloads\Baby Driver (2017) Soundtrack - Baby Driver Soundtrack (OST).rar
2018-04-20 00:03 - 2018-04-20 00:04 - 126519254 _____ C:\Users\Vojtěch\Downloads\VA - Baby Driver Vol. 2 OST (2018) [MP3].rar
2018-04-19 20:19 - 2018-04-19 20:34 - 3708221023 _____ C:\Users\Vojtěch\Downloads\Strážci-_-Watchmen-1080p-Bluray-AC3-5.1-CZ-2009.mkv
2018-04-15 18:06 - 2018-04-15 18:06 - 000000000 ____D C:\Users\Vojtěch\AppData\Local\CPN
2018-04-15 18:05 - 2018-04-15 18:05 - 000001262 _____ C:\Users\Vojtěch\Desktop\The Greek Poker 2.0.lnk
2018-04-15 18:04 - 2018-04-15 18:05 - 000000000 ____D C:\Program Files (x86)\The Greek Poker 2.0
2018-04-15 16:26 - 2018-04-15 16:26 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\IDT
2018-04-11 20:39 - 2018-04-11 20:39 - 000020665 _____ C:\Users\Vojtěch\Downloads\NFL-2017-RS-W01-IND@LAR_720pier.ru.mkv.torrent
2018-04-11 20:00 - 2018-04-11 20:00 - 000020690 _____ C:\Users\Vojtěch\Downloads\NFL-2017.09.01_PRE04_CLE@CHI_720pier.ru.mkv.torrent
2018-04-11 19:28 - 2018-04-11 19:28 - 000013920 _____ C:\Users\Vojtěch\Downloads\NFL-2017-09-07..W1_KC@NE.720.mkv.torrent
2018-04-11 16:50 - 2018-04-11 16:51 - 127553754 _____ C:\Users\Vojtěch\Downloads\Michal Tučný - 1993 - Snídaně v trávě.zip
2018-04-06 09:30 - 2018-04-06 09:31 - 000026540 _____ C:\Users\Vojtěch\Downloads\Black-s-Game(0000217201) (1).zip
2018-04-04 16:28 - 2018-04-11 18:53 - 000000000 ____D C:\Users\Vojtěch\Downloads\(
2018-04-04 16:18 - 2018-04-04 16:18 - 000018659 _____ C:\Users\Vojtěch\Downloads\NBA-2018.04.03_ATL@MIA_60fps.mkv.torrent
2018-04-02 15:42 - 2018-04-02 15:42 - 000000000 _____ C:\Users\Vojtěch\Desktop\low-key nit.txt
2018-04-01 21:54 - 2018-04-01 22:01 - 1540709991 _____ C:\Users\Vojtěch\Downloads\Upstream Color (2013) by Pashowski.mp4
2018-04-01 21:54 - 2018-04-01 21:54 - 000037785 _____ C:\Users\Vojtěch\Downloads\Upstream Color (2013) by Pashowski-cze.srt
2018-04-01 15:59 - 2018-04-01 16:19 - 4223145307 _____ C:\Users\Vojtěch\Downloads\The.Autopsy.of.Jane.Doe.2016.1080p.BluRay.DTS.x264-MAJO.mkv
2018-04-01 15:59 - 2018-04-01 15:59 - 000038354 _____ C:\Users\Vojtěch\Downloads\The.Autopsy.of.Jane.Doe.2016.1080p.BluRay.DTS.x264-MAJO.srt
2018-04-01 12:38 - 2018-04-11 21:14 - 000000000 ____D C:\Users\Vojtěch\AppData\LocalLow\BitTorrent
2018-03-25 11:19 - 2018-03-25 11:22 - 776908354 _____ C:\Users\Vojtěch\Downloads\The Conspiracy 2012 BRRip X264-PLAYNOW.mkv
2018-03-25 11:19 - 2018-03-25 11:19 - 000072903 _____ C:\Users\Vojtěch\Downloads\The Conspiracy 2012 BRRip X264-PLAYNOW.srt
2018-03-22 18:23 - 2018-03-22 18:33 - 2196865882 _____ C:\Users\Vojtěch\Downloads\Anihilace_Annihilation_2018_HC.titulky.CZ_1080p.avi
2018-03-21 09:39 - 2018-03-21 09:39 - 000614430 _____ C:\Users\Vojtěch\Downloads\b47c1d5d-4458-4401-b548-1723a48ae0d3.tmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-20 21:49 - 2016-04-18 21:34 - 000000000 ____D C:\FRST
2018-04-20 21:22 - 2017-01-28 18:54 - 000000562 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-866173097-1738320259-1985661619-1002.job
2018-04-20 21:14 - 2017-01-28 18:54 - 000000658 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-866173097-1738320259-1985661619-1002.job
2018-04-20 19:42 - 2017-08-04 22:29 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\5KPlayer
2018-04-20 14:50 - 2013-10-05 23:31 - 000000000 ____D C:\Users\Vojtěch\AppData\Local\GHISLER
2018-04-20 14:28 - 2013-10-04 22:05 - 000002236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-04-19 14:24 - 2012-11-22 06:19 - 000756994 _____ C:\Windows\system32\perfh005.dat
2018-04-19 14:24 - 2012-11-22 06:19 - 000163422 _____ C:\Windows\system32\perfc005.dat
2018-04-19 14:24 - 2012-07-26 09:28 - 001854972 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-19 14:23 - 2012-07-26 07:37 - 000000000 ____D C:\Windows\Inf
2018-04-18 22:36 - 2013-11-04 10:26 - 000904192 ___SH C:\Users\Vojtěch\Desktop\Thumbs.db
2018-04-17 16:17 - 2014-11-24 10:52 - 000000000 ____D C:\Users\Vojtěch\Downloads\13_POKER
2018-04-17 08:23 - 2014-05-07 19:57 - 000003174 _____ C:\Windows\System32\Tasks\HPCeeScheduleForVojtěch
2018-04-17 08:23 - 2014-05-07 19:57 - 000000356 _____ C:\Windows\Tasks\HPCeeScheduleForVojtěch.job
2018-04-17 08:23 - 2013-10-03 23:32 - 000000000 ____D C:\Users\Vojtěch
2018-04-15 16:33 - 2018-02-05 20:03 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\BitTorrent
2018-04-15 16:33 - 2016-01-03 12:08 - 000000000 ____D C:\Users\Vojtěch\AppData\Local\CrashDumps
2018-04-15 16:18 - 2017-01-02 20:53 - 000000000 ____D C:\Program Files (x86)\Steam
2018-04-15 16:17 - 2016-12-10 12:42 - 000250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2018-04-15 16:16 - 2012-11-22 05:49 - 000000000 ____D C:\ProgramData\PDFC
2018-04-15 16:15 - 2012-09-26 10:53 - 000000950 _____ C:\Windows\SysWOW64\bscs.ini
2018-04-15 16:15 - 2012-07-26 09:22 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-15 16:13 - 2016-04-18 22:28 - 000000000 ____D C:\AdwCleaner
2018-04-15 15:57 - 2012-07-26 07:26 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-04-15 11:37 - 2017-01-25 20:46 - 000000000 ____D C:\AmericasCardroom
2018-04-14 21:22 - 2017-11-09 20:03 - 000003830 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1510250587
2018-04-14 21:22 - 2017-11-09 20:03 - 000001015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2018-04-14 21:22 - 2017-08-09 12:21 - 000000000 ____D C:\Program Files\Opera
2018-04-11 16:51 - 2013-11-07 21:20 - 000000000 ____D C:\Users\Vojtěch\Downloads\02_hudba
2018-04-08 21:18 - 2017-09-28 09:59 - 000000000 ____D C:\Users\Vojtěch\Documents\My Kindle Content
2018-04-08 13:07 - 2017-07-08 22:28 - 000000000 ____D C:\Users\Vojtěch\AppData\Local\GoToMeeting
2018-04-08 13:07 - 2017-01-28 18:54 - 000003660 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-866173097-1738320259-1985661619-1002
2018-04-08 13:07 - 2017-01-28 18:54 - 000003564 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-866173097-1738320259-1985661619-1002
2018-04-06 21:10 - 2017-05-07 17:55 - 000000000 ____D C:\Users\Vojtěch\AppData\Local\PokerStars.CZ
2018-04-06 19:32 - 2017-01-23 22:45 - 000000000 ____D C:\Program Files (x86)\PokerTracker 4
2018-04-02 18:28 - 2016-10-13 16:39 - 000180024 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2018-04-02 18:28 - 2016-10-13 16:39 - 000132280 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2018-04-02 18:28 - 2016-10-13 16:39 - 000070960 _____ (ESET) C:\Windows\system32\Drivers\epfwwfpr.sys
2018-03-31 16:39 - 2013-11-07 21:31 - 000000000 ____D C:\Users\Vojtěch\Downloads\00_sazkarnet
2018-03-30 21:35 - 2018-01-14 11:53 - 000000000 ____D C:\Users\Vojtěch\AppData\Local\Equilab
2018-03-29 12:23 - 2018-01-26 20:04 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\GGNetwork
2018-03-29 12:19 - 2018-01-26 20:05 - 000000000 ____D C:\Users\Vojtěch\AppData\Local\BREAKOUTPOKER
2018-03-29 12:19 - 2018-01-26 20:03 - 000000000 ____D C:\Program Files (x86)\BreakoutPoker
2018-03-29 07:03 - 2012-07-26 10:12 - 000000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2015-05-26 17:20 - 2015-05-26 17:20 - 000000040 _____ () C:\Users\Vojtěch\AppData\Roaming\cdr.ini
2018-04-20 21:48 - 2018-04-20 21:48 - 000029696 _____ () C:\Users\Vojtěch\AppData\Local\MSGBOX.EXE
2015-11-19 14:19 - 2015-11-19 14:19 - 000000000 _____ () C:\Users\Vojtěch\AppData\Local\{A365E46F-AAE6-4A5E-A4F0-FEF0DDD7E94B}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-04-18 22:34

==================== End of FRST.txt ============================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: CPU and disk load

#2 Post by Conder

Hi :)

Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a problem similar to another user's, please start your own thread.

If you are satisfied, you can support the forum. Thank you!
