winlog.exe 100pro vytížení procesoru

Zpráva

#16 Příspěvek od **vyosek** » 17 čer 2014 07:02

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Start
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-3304260785-2353553996-2048135476-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung)
HKU\S-1-5-21-3304260785-2353553996-2048135476-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung)
HKU\S-1-5-21-3304260785-2353553996-2048135476-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-3304260785-2353553996-2048135476-1001\...\Run: [Steam] => D:\Steam\steam.exe [1775808 2014-05-28] (Valve Corporation)
HKU\S-1-5-21-3304260785-2353553996-2048135476-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll => "C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll" File Not Found
Startup: C:\Users\Still-Alive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=coolmsd&cd=2XzuyEtN2Y1L1Qzu0DyEtA0DyB0EtB0B0C0BtAtDyE0D0AtDtN0D0Tzu0CyDyEtCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=667946291&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=coolmsd&cd=2XzuyEtN2Y1L1Qzu0DyEtA0DyB0EtB0B0C0BtAtDyE0D0AtDtN0D0Tzu0CyDyEtCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=667946291&ir=
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=coolmsd&cd=2XzuyEtN2Y1L1Qzu0DyEtA0DyB0EtB0B0C0BtAtDyE0D0AtDtN0D0Tzu0CyDyEtCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=667946291&ir=

FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 GPUZ; \??\C:\Users\STILL-~1\AppData\Local\Temp\GPUZ.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]

2014-06-17 07:55 - 2014-06-17 07:55 - 00112640 _____ (forum.viry.cz) C:\Users\Still-Alive\Desktop\FRSTLauncher.exe
2014-06-17 07:55 - 2014-06-17 07:55 - 00029696 _____ () C:\Users\Still-Alive\AppData\Local\MSGBOX.EXE
2014-06-17 07:55 - 2014-06-17 07:55 - 00015327 _____ () C:\Users\Still-Alive\Desktop\LM.bat
2014-06-17 07:38 - 2014-06-17 07:39 - 00000000 ____D () C:\AdwCleaner
2014-06-17 07:38 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-17 07:37 - 2014-06-17 07:37 - 01333465 _____ () C:\Users\Still-Alive\Desktop\adwcleaner_3.212.exe
2014-06-16 22:12 - 2014-06-16 22:12 - 00007017 _____ () C:\wtf.txt
2014-06-16 21:47 - 2014-06-16 21:47 - 00009233 _____ () C:\malvare.txt
2014-06-16 21:25 - 2014-06-16 21:25 - 11167316 _____ () C:\Users\Still-Alive\Desktop\cc-setup.exe
2014-06-06 06:13 - 2014-06-06 06:13 - 00000000 ____D () C:\Users\Still-Alive\AppData\Roaming\WinUpdate
C:\Users\Still-Alive\AppData\Local\Temp\46061uninstall.exe
C:\Users\Still-Alive\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Still-Alive\AppData\Local\Temp\drm_dyndata_7390005.dll
C:\Users\Still-Alive\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyl42cw.dll
C:\Users\Still-Alive\AppData\Local\Temp\Execute2App.exe
C:\Users\Still-Alive\AppData\Local\Temp\InstHelper.exe
C:\Users\Still-Alive\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Still-Alive\AppData\Local\Temp\Kies2RemoveAll.exe
C:\Users\Still-Alive\AppData\Local\Temp\msvcp90.dll
C:\Users\Still-Alive\AppData\Local\Temp\msvcr90.dll
C:\Users\Still-Alive\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Still-Alive\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Still-Alive\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Still-Alive\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Still-Alive\AppData\Local\Temp\nvStInst.exe
C:\Users\Still-Alive\AppData\Local\Temp\ose00000.exe
C:\Users\Still-Alive\AppData\Local\Temp\proxy_vole7513451595786976459.dll
C:\Users\Still-Alive\AppData\Local\Temp\Quarantine.exe
C:\Users\Still-Alive\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Still-Alive\AppData\Local\Temp\sonarinst.exe
C:\Users\Still-Alive\AppData\Local\Temp\Sqlite3.dll
C:\Users\Still-Alive\AppData\Local\Temp\utt40A8.tmp.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Hosts:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Still242 · #17 Příspěvek od **Still242** » 17 čer 2014 07:12

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-06-2014
Ran by Still-Alive at 2014-06-17 08:09:35 Run:1
Running from C:\Users\Still-Alive\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-3304260785-2353553996-2048135476-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung)
HKU\S-1-5-21-3304260785-2353553996-2048135476-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung)
HKU\S-1-5-21-3304260785-2353553996-2048135476-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-3304260785-2353553996-2048135476-1001\...\Run: [Steam] => D:\Steam\steam.exe [1775808 2014-05-28] (Valve Corporation)
HKU\S-1-5-21-3304260785-2353553996-2048135476-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll => "C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll" File Not Found
Startup: C:\Users\Still-Alive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.p ... 946291&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.p ... 946291&ir=
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.p ... 946291&ir=

FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 GPUZ; \??\C:\Users\STILL-~1\AppData\Local\Temp\GPUZ.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]

2014-06-17 07:55 - 2014-06-17 07:55 - 00112640 _____ (forum.viry.cz) C:\Users\Still-Alive\Desktop\FRSTLauncher.exe
2014-06-17 07:55 - 2014-06-17 07:55 - 00029696 _____ () C:\Users\Still-Alive\AppData\Local\MSGBOX.EXE
2014-06-17 07:55 - 2014-06-17 07:55 - 00015327 _____ () C:\Users\Still-Alive\Desktop\LM.bat
2014-06-17 07:38 - 2014-06-17 07:39 - 00000000 ____D () C:\AdwCleaner
2014-06-17 07:38 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-17 07:37 - 2014-06-17 07:37 - 01333465 _____ () C:\Users\Still-Alive\Desktop\adwcleaner_3.212.exe
2014-06-16 22:12 - 2014-06-16 22:12 - 00007017 _____ () C:\wtf.txt
2014-06-16 21:47 - 2014-06-16 21:47 - 00009233 _____ () C:\malvare.txt
2014-06-16 21:25 - 2014-06-16 21:25 - 11167316 _____ () C:\Users\Still-Alive\Desktop\cc-setup.exe
2014-06-06 06:13 - 2014-06-06 06:13 - 00000000 ____D () C:\Users\Still-Alive\AppData\Roaming\WinUpdate
C:\Users\Still-Alive\AppData\Local\Temp\46061uninstall.exe
C:\Users\Still-Alive\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Still-Alive\AppData\Local\Temp\drm_dyndata_7390005.dll
C:\Users\Still-Alive\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyl42cw.dll
C:\Users\Still-Alive\AppData\Local\Temp\Execute2App.exe
C:\Users\Still-Alive\AppData\Local\Temp\InstHelper.exe
C:\Users\Still-Alive\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Still-Alive\AppData\Local\Temp\Kies2RemoveAll.exe
C:\Users\Still-Alive\AppData\Local\Temp\msvcp90.dll
C:\Users\Still-Alive\AppData\Local\Temp\msvcr90.dll
C:\Users\Still-Alive\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Still-Alive\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Still-Alive\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Still-Alive\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Still-Alive\AppData\Local\Temp\nvStInst.exe
C:\Users\Still-Alive\AppData\Local\Temp\ose00000.exe
C:\Users\Still-Alive\AppData\Local\Temp\proxy_vole7513451595786976459.dll
C:\Users\Still-Alive\AppData\Local\Temp\Quarantine.exe
C:\Users\Still-Alive\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Still-Alive\AppData\Local\Temp\sonarinst.exe
C:\Users\Still-Alive\AppData\Local\Temp\Sqlite3.dll
C:\Users\Still-Alive\AppData\Local\Temp\utt40A8.tmp.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Hosts:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKU\S-1-5-21-3304260785-2353553996-2048135476-1001\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPreload => value deleted successfully.
HKU\S-1-5-21-3304260785-2353553996-2048135476-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-3304260785-2353553996-2048135476-1001\Software\Microsoft\Windows\CurrentVersion\Run\\KiesAirMessage => value deleted successfully.
HKU\S-1-5-21-3304260785-2353553996-2048135476-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value deleted successfully.
HKU\S-1-5-21-3304260785-2353553996-2048135476-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value deleted successfully.
"C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL" => Value Data removed successfully.
"C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll" => Value Data removed successfully.
C:\Users\Still-Alive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully.
dgderdrv => Service deleted successfully.
GPUZ => Service deleted successfully.
MSICDSetup => Service deleted successfully.
NTIOLib_1_0_C => Service deleted successfully.
C:\Users\Still-Alive\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\Still-Alive\AppData\Local\MSGBOX.EXE => Moved successfully.
C:\Users\Still-Alive\Desktop\LM.bat => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Windows\SysWOW64\sqlite3.dll => Moved successfully.
C:\Users\Still-Alive\Desktop\adwcleaner_3.212.exe => Moved successfully.
C:\wtf.txt => Moved successfully.
C:\malvare.txt => Moved successfully.
C:\Users\Still-Alive\Desktop\cc-setup.exe => Moved successfully.
C:\Users\Still-Alive\AppData\Roaming\WinUpdate => Moved successfully.
C:\Users\Still-Alive\AppData\Local\Temp\46061uninstall.exe => Moved successfully.
C:\Users\Still-Alive\AppData\Local\Temp\drm_dyndata_7380014.dll => Moved successfully.
C:\Users\Still-Alive\AppData\Local\Temp\drm_dyndata_7390005.dll => Moved successfully.
C:\Users\Still-Alive\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyl42cw.dll => Moved successfully.
C:\Users\Still-Alive\AppData\Local\Temp\Execute2App.exe => Moved successfully.
C:\Users\Still-Alive\AppData\Local\Temp\InstHelper.exe => Moved successfully.
C:\Users\Still-Alive\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe => Moved successfully.
C:\Users\Still-Alive\AppData\Local\Temp\Kies2RemoveAll.exe => Moved successfully.
C:\Users\Still-Alive\AppData\Local\Temp\msvcp90.dll => Moved successfully.
C:\Users\Still-Alive\AppData\Local\Temp\msvcr90.dll => Moved successfully.
C:\Users\Still-Alive\AppData\Local\Temp\nv3DVStreaming.dll => Moved successfully.
C:\Users\Still-Alive\AppData\Local\Temp\nvSCPAPI.dll => Moved successfully.
C:\Users\Still-Alive\AppData\Local\Temp\nvSCPAPI64.dll => Moved successfully.
C:\Users\Still-Alive\AppData\Local\Temp\nvStereoApiI.dll => Moved successfully.
C:\Users\Still-Alive\AppData\Local\Temp\nvStInst.exe => Moved successfully.
C:\Users\Still-Alive\AppData\Local\Temp\ose00000.exe => Moved successfully.
"C:\Users\Still-Alive\AppData\Local\Temp\proxy_vole7513451595786976459.dll" => File/Directory not found.
C:\Users\Still-Alive\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Still-Alive\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.
C:\Users\Still-Alive\AppData\Local\Temp\sonarinst.exe => Moved successfully.
C:\Users\Still-Alive\AppData\Local\Temp\Sqlite3.dll => Moved successfully.
C:\Users\Still-Alive\AppData\Local\Temp\utt40A8.tmp.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

#18 Příspěvek od **vyosek** » 17 čer 2014 07:23

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Still242 · #19 Příspěvek od **Still242** » 17 čer 2014 07:24

Děkuji za pomoc

#20 Příspěvek od **vyosek** » 17 čer 2014 07:29

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat

VIRY.CZ

winlog.exe 100pro vytížení procesoru

Re: winlog.exe 100pro vytížení procesoru

Re: winlog.exe 100pro vytížení procesoru

Re: winlog.exe 100pro vytížení procesoru

Re: winlog.exe 100pro vytížení procesoru

Re: winlog.exe 100pro vytížení procesoru