Freezing browser, slowed-down PC

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Freezing browser, slowed-down PC

#16 Post by Márty84 »

Post the logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it is possible that it will block it as malicious, but we use it all the time, it is a false alarm :)
If you have a question that is not meant for the public, you can write to me by e-mail at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

blackspectre
Visitor
Posts: 30
Registered: 04 Feb 2015 23:39

Re: Freezing browser, slowed-down PC

#17 Post by blackspectre »

FRST run in safe mode, log below, Addition.txt zipped in the attachment:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015
Ran by Michal (administrator) on MICHAL-PC on 08-02-2015 18:06:33
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available profiles: Michal)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(forum.viry.cz) C:\Users\Michal\Desktop\FRST-OlderVersion\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10396440 2014-04-15] (Logitech Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5028464 2012-01-12] (VIA)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-27] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760 2014-03-07] (Razer Inc.)
HKLM-x32\...\Run: [Razer Naga Driver] => C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2014-12-12] (BlueStack Systems, Inc.)
HKU\S-1-5-21-1165194453-1350465406-1964235809-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-1165194453-1350465406-1964235809-1000\...\Run: [Steam] => E:\Hry\Steam\steam.exe [1942720 2015-01-23] (Valve Corporation)
HKU\S-1-5-21-1165194453-1350465406-1964235809-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-1165194453-1350465406-1964235809-1000\...\Run: [GarenaPlus] => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
HKU\S-1-5-21-1165194453-1350465406-1964235809-1000\...\MountPoints2: {d21b7b33-ec51-11e1-bab1-806e6f6e6963} - D:\Run.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1165194453-1350465406-1964235809-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/f ... wflash.cab
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\aamz0g9g.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1165194453-1350465406-1964235809-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Michal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Personas Plus - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\aamz0g9g.default\Extensions\personas@christopher.beard.xpi [2012-08-22]
FF Extension: Adblock Plus - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\aamz0g9g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-30]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-08]
CHR Extension: (Dokumenty Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-17]
CHR Extension: (Disk Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-17]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-17]
CHR Extension: (Vyhledávání Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-17]
CHR Extension: (Tabulky Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-08]
CHR Extension: (AdBlock) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-30]
CHR Extension: (Peněženka Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-12-12] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-12-12] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [786136 2014-12-12] (BlueStack Systems, Inc.)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-04-22] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-04-22] (Creative Labs) [File not signed]
S2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
S3 DAUpdaterSvc; E:\Hry\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2013-12-06] (BioWare)
S2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2014-10-01] (ESET)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
S3 Origin Client Service; E:\Hry\Origin\OriginClientService.exe [1903472 2015-01-21] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-03-16] ()
S2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-02-21] (Razer, Inc.)
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-01-10] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-12-12] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-08-22] (DT Soft Ltd)
S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-10-10] (ESET)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET)
S2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2014-10-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2014-10-10] (ESET)
S0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [63160 2014-10-10] (ESET)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-02-21] (Razer, Inc.)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-15] (Razer Inc)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2014-02-21] (Razer, Inc.)
S3 rzjoystk; C:\Windows\System32\DRIVERS\rzjoystk.sys [19968 2011-03-24] (Razer USA Ltd)
R3 rzjstk; C:\Windows\System32\DRIVERS\rzjstk.sys [27816 2014-01-10] (Razer Inc)
R3 rzkeypadendpt; C:\Windows\System32\DRIVERS\rzkeypadendpt.sys [32936 2013-11-15] (Razer Inc)
R3 rzmpos; C:\Windows\System32\DRIVERS\rzmpos.sys [34984 2013-11-15] (Razer Inc)
S3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [157184 2011-07-14] (Razer USA Ltd) [File not signed]
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [205312 2012-01-20] (VIA Technologies, Inc.)
S3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [254464 2012-01-20] (VIA Technologies, Inc.)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-08 18:06 - 2015-02-08 18:06 - 00016640 _____ () C:\Users\Michal\Desktop\FRST.txt
2015-02-08 18:06 - 2015-02-08 18:06 - 00000000 ____D () C:\Users\Michal\Desktop\FRST-OlderVersion
2015-02-08 17:51 - 2015-02-08 17:51 - 02132992 _____ (Farbar) C:\Users\Michal\Downloads\FRST64 (1).exe
2015-02-08 14:55 - 2015-02-08 14:50 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-08 14:50 - 2015-02-08 14:56 - 00008514 _____ () C:\zoek-results.log
2015-02-08 14:30 - 2015-02-08 14:30 - 00000000 ____D () C:\Users\Michal\Desktop\soubory
2015-02-08 14:30 - 2015-02-08 14:30 - 00000000 ____D () C:\Users\Michal\Desktop\hry 2
2015-02-08 13:56 - 2015-02-08 14:55 - 00000000 ____D () C:\zoek_backup
2015-02-08 13:30 - 2015-02-08 13:30 - 01295360 _____ () C:\Users\Michal\Desktop\zoek.exe
2015-02-08 13:29 - 2015-02-08 13:30 - 01388274 _____ (Thisisu) C:\Users\Michal\Desktop\JRT.exe
2015-02-06 23:33 - 2015-02-08 18:01 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0425cdd32c183.job
2015-02-06 23:33 - 2015-02-06 23:33 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d0425cdd32c183
2015-02-06 18:29 - 2015-02-06 18:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-06 18:26 - 2015-02-06 18:27 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Michal\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-05 18:31 - 2015-02-05 21:22 - 00000512 _____ () C:\PhysicalMBR.bin
2015-02-05 18:25 - 2015-02-05 18:24 - 00602112 _____ (OldTimer Tools) C:\Users\Michal\Desktop\OTL.exe
2015-02-04 23:46 - 2015-02-04 23:47 - 00243440 _____ () C:\Users\Michal\Downloads\Firefox Setup Stub 35.0.1 (1).exe
2015-02-04 22:53 - 2015-02-05 00:34 - 00000000 ____D () C:\AdwCleaner
2015-02-04 22:52 - 2015-02-08 18:06 - 02132992 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2015-02-04 22:42 - 2015-02-04 22:40 - 02194432 _____ () C:\Users\Michal\Desktop\adwcleaner_4.109.exe
2015-02-04 22:40 - 2015-02-04 22:41 - 00823020 _____ () C:\Users\Michal\Downloads\adwcleaner_4.109.exe
2015-02-04 22:40 - 2015-02-04 22:41 - 00817180 _____ () C:\Users\Michal\Downloads\adwcleaner_4.109 (1).exe
2015-02-04 22:40 - 2015-02-04 22:41 - 00322240 _____ () C:\Users\Michal\Downloads\adwcleaner_4.109 (2).exe
2015-02-04 22:35 - 2015-02-08 18:01 - 00005320 _____ () C:\Windows\setupact.log
2015-02-04 22:23 - 2015-02-08 18:06 - 00000000 ____D () C:\FRST
2015-02-04 22:23 - 2015-02-04 22:32 - 00026721 _____ () C:\Users\Michal\Downloads\Addition.txt
2015-02-04 22:23 - 2015-02-04 22:23 - 00034812 _____ () C:\Users\Michal\Downloads\FRST.txt
2015-02-04 22:22 - 2015-02-04 22:22 - 02131968 _____ (Farbar) C:\Users\Michal\Downloads\FRST64.exe
2015-02-04 20:38 - 2015-02-04 23:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-04 20:37 - 2015-02-04 20:37 - 00243440 _____ () C:\Users\Michal\Downloads\Firefox Setup Stub 35.0.1.exe
2015-02-01 15:00 - 2015-02-01 15:13 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Arc
2015-01-23 18:16 - 2015-01-23 18:05 - 00897960 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2015-01-23 18:16 - 2015-01-23 18:05 - 00818088 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2015-01-18 15:56 - 2015-01-18 15:56 - 00000000 ____D () C:\Users\Michal\AppData\Local\Uber Entertainment
2015-01-14 18:31 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 18:31 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 18:31 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 18:31 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 18:31 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 18:31 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 18:31 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 18:31 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 18:31 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 18:31 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 18:31 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 18:31 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 18:31 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-11 15:53 - 2015-01-11 15:54 - 00000000 ____D () C:\Users\Michal\Documents\Puzzle Quest
2015-01-11 15:21 - 2015-01-11 15:21 - 00007010 _____ () C:\Users\Michal\Desktop\Baen Ebooks Receipt.htm
2015-01-11 15:21 - 2015-01-11 15:21 - 00000000 ____D () C:\Users\Michal\Desktop\Baen Ebooks Receipt_files

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-08 18:01 - 2014-11-13 23:33 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfff91d8ea63ea.job
2015-02-08 18:01 - 2014-10-22 17:27 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfee1524ceec61.job
2015-02-08 18:01 - 2014-06-19 21:22 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8bfc3abd2a84.job
2015-02-08 18:01 - 2012-08-22 13:36 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-08 18:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-08 17:57 - 2012-08-26 12:40 - 00408696 _____ () C:\Windows\system32\perfh011.dat
2015-02-08 17:57 - 2012-08-26 12:40 - 00122082 _____ () C:\Windows\system32\perfc011.dat
2015-02-08 17:57 - 2012-08-26 12:16 - 00375868 _____ () C:\Windows\system32\prfh0804.dat
2015-02-08 17:57 - 2012-08-26 12:16 - 00119574 _____ () C:\Windows\system32\prfc0804.dat
2015-02-08 17:57 - 2012-08-26 11:44 - 00420342 _____ () C:\Windows\system32\perfh012.dat
2015-02-08 17:57 - 2012-08-26 11:44 - 00120366 _____ () C:\Windows\system32\perfc012.dat
2015-02-08 17:57 - 2009-07-26 19:41 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2015-02-08 17:57 - 2009-07-26 19:41 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2015-02-08 17:57 - 2009-07-14 06:13 - 03151238 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-08 15:01 - 2009-07-14 05:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-08 15:01 - 2009-07-14 05:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-08 14:56 - 2012-08-22 14:47 - 00183506 _____ () C:\Windows\PFRO.log
2015-02-08 14:55 - 2012-08-22 13:09 - 00000000 ____D () C:\Users\Michal
2015-02-08 14:39 - 2012-08-22 13:32 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-08 14:37 - 2013-03-17 11:12 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-08 13:49 - 2012-08-22 13:09 - 01625784 _____ () C:\Windows\WindowsUpdate.log
2015-02-08 13:47 - 2014-10-22 17:27 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfee1524e581f6.job
2015-02-08 13:44 - 2014-11-13 23:33 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfff91d905665f.job
2015-02-07 09:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2015-02-06 23:33 - 2014-11-13 23:33 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cfff91d905665f
2015-02-06 23:33 - 2014-11-13 23:33 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cfff91d8ea63ea
2015-02-05 21:19 - 2012-08-23 21:09 - 00000000 ____D () C:\Program Files (x86)\Garena Plus
2015-02-05 18:33 - 2013-03-17 11:13 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-04 23:47 - 2012-08-22 18:15 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-04 23:47 - 2012-08-22 18:15 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-04 22:35 - 2012-08-22 13:32 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-04 21:37 - 2012-08-22 13:32 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-04 21:37 - 2012-08-22 13:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-04 21:00 - 2012-08-22 20:13 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Skype
2015-02-04 20:02 - 2014-02-07 18:53 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Battle.net
2015-02-04 20:02 - 2013-06-02 16:28 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\vlc
2015-02-04 20:02 - 2013-03-20 20:06 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-02-04 20:02 - 2013-03-17 11:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-04 20:02 - 2012-08-22 18:21 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\GHISLER
2015-02-04 20:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-02-04 18:49 - 2014-02-07 18:53 - 00000000 ____D () C:\Users\Michal\AppData\Local\Battle.net
2015-01-31 11:42 - 2012-08-22 21:42 - 00000000 ____D () C:\Users\Michal\AppData\Local\Skyrim
2015-01-31 11:40 - 2012-08-22 14:48 - 03105908 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-25 20:16 - 2012-09-17 15:13 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\mIRC
2015-01-23 18:16 - 2013-10-19 07:50 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-23 18:16 - 2012-08-30 21:25 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-23 18:06 - 2013-01-23 18:31 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-01-23 18:06 - 2013-01-23 18:31 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-01-23 18:06 - 2013-01-23 18:31 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-01-23 18:06 - 2013-01-23 18:31 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-01-23 18:06 - 2013-01-23 18:31 - 00000000 ____D () C:\Program Files\Java
2015-01-23 18:05 - 2014-10-21 06:33 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-23 18:05 - 2013-06-20 05:58 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-01-23 18:05 - 2012-08-30 21:25 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-01-23 18:05 - 2012-08-30 21:25 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-01-21 22:19 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-21 22:16 - 2013-09-27 14:01 - 00000000 ____D () C:\ProgramData\Origin
2015-01-14 22:46 - 2013-07-17 18:04 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 22:41 - 2012-08-22 13:42 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-10 18:53 - 2015-01-01 12:13 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Omerta

==================== Files in the root of some directories =======

2014-01-04 12:27 - 2003-09-03 07:46 - 0010960 _____ () C:\Program Files (x86)\EULA.txt
2014-01-04 12:27 - 2014-01-04 12:27 - 0000349 _____ () C:\Program Files (x86)\INSTALL.LOG
2014-01-04 12:27 - 2003-12-18 11:33 - 0020102 _____ () C:\Program Files (x86)\Readme.txt
2013-07-25 05:59 - 2010-01-26 10:11 - 0444283 _____ () C:\Program Files (x86)\Common Files\WinPcapNmap.exe
2012-08-23 21:19 - 2014-01-11 20:16 - 0045270 _____ () C:\Users\Michal\AppData\Roaming\room_v3.dat

Some content of TEMP:
====================
C:\Users\Michal\AppData\Local\Temp\linfmbig.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-04 18:39




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:119.14 GB) (Free:30.35 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:88.94 GB) NTFS
Drive f: () (Fixed) (Total:2794.39 GB) (Free:2004.96 GB) NTFS

Available physical RAM: 7149.52 MB
Total physical RAM: 8153.81 MB
Percentage of memory in use: 12%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: F4E60BF0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7E341E7C)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8bfc3abd2a84.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfee1524ceec61.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfff91d8ea63ea.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0425cdd32c183.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfee1524e581f6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfff91d905665f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Michal\Desktop" je 14 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.rar
(10.49 KiB) Downloaded 63 times

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Freezing browser, slow PC

#18 Post by Márty84 »

:!: Uninstall one of the antivirus programs. Eset and MSE are both running there. One of them has to go!


:arrow: Open Notepad and copy this script into it

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1165194453-1350465406-1964235809-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-1165194453-1350465406-1964235809-1000\...\Run: [Steam] => E:\Hry\Steam\steam.exe [1942720 2015-01-23] (Valve Corporation)
HKU\S-1-5-21-1165194453-1350465406-1964235809-1000\...\Run: [GarenaPlus] => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch

S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

2015-02-08 14:55 - 2015-02-08 14:50 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-08 14:50 - 2015-02-08 14:56 - 00008514 _____ () C:\zoek-results.log
2015-02-08 13:56 - 2015-02-08 14:55 - 00000000 ____D () C:\zoek_backup
2015-02-06 18:26 - 2015-02-06 18:27 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Michal\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-04 20:02 - 2013-03-20 20:06 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8bfc3abd2a84.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfee1524ceec61.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfff91d8ea63ea.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0425cdd32c183.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfee1524e581f6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfff91d905665f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
In the top left, click File
Click Save As...
Type the red name fixlist correctly and save it to the desktop.
Turn off the antivirus and any other protection.
Run FRST as administrator, click Fix, and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.

If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

blackspectre
Visitor
Posts: 30
Joined: 04 Feb 2015 23:39

Re: Freezing browser, slow PC

#19 Post by blackspectre »

Here is the log output:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-02-2015
Ran by Michal at 2015-02-09 11:20:17 Run:1
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available profiles: Michal)
Boot Mode: Safe Mode (with Networking)
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1165194453-1350465406-1964235809-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-1165194453-1350465406-1964235809-1000\...\Run: [Steam] => E:\Hry\Steam\steam.exe [1942720 2015-01-23] (Valve Corporation)
HKU\S-1-5-21-1165194453-1350465406-1964235809-1000\...\Run: [GarenaPlus] => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch

S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

2015-02-08 14:55 - 2015-02-08 14:50 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-08 14:50 - 2015-02-08 14:56 - 00008514 _____ () C:\zoek-results.log
2015-02-08 13:56 - 2015-02-08 14:55 - 00000000 ____D () C:\zoek_backup
2015-02-06 18:26 - 2015-02-06 18:27 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Michal\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-04 20:02 - 2013-03-20 20:06 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8bfc3abd2a84.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfee1524ceec61.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfff91d8ea63ea.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0425cdd32c183.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfee1524e581f6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfff91d905665f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Error: Restore point can only be created in normal mode.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-1165194453-1350465406-1964235809-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-1165194453-1350465406-1964235809-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value deleted successfully.
HKU\S-1-5-21-1165194453-1350465406-1964235809-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GarenaPlus => value deleted successfully.
GGSAFERDriver => Service deleted successfully.
MBAMSwissArmy => Service deleted successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Michal\Downloads\mbam-setup-2.0.4.1028.exe => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8bfc3abd2a84.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfee1524ceec61.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfff91d8ea63ea.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0425cdd32c183.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfee1524e581f6.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfff91d905665f.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 250.2 MB temporary data.


The system needed a reboot.

==== End of Fixlog 11:20:18 ====
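
A check on a Fixlog like the one posted above, as an added example that is not part of the thread or of FRST: it lists the error lines and any fixlist target that no success line confirms. The sample log is constructed from the posted one, shortened, with one task result deliberately left out; `audit_fixlog` and its patterns are assumptions based on the format as it appears here.

```python
import re

# Constructed sample: shortened from the Fixlog above; the result line for the
# Task entry is deliberately left out so the audit has something to report.
SAMPLE_FIXLOG = r"""Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-02-2015
Boot Mode: Safe Mode (with Networking)
Content of fixlist:
*****************
Start
CreateRestorePoint:
HKU\S-1-5-21-1165194453-1350465406-1964235809-1000\...\Run: [Steam] => E:\Hry\Steam\steam.exe [1942720 2015-01-23] (Valve Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
2015-02-08 14:50 - 2015-02-08 14:56 - 00008514 _____ () C:\zoek-results.log
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
End
*****************
Error: Restore point can only be created in normal mode.
HKU\S-1-5-21-1165194453-1350465406-1964235809-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value deleted successfully.
MBAMSwissArmy => Service deleted successfully.
C:\zoek-results.log => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
==== End of Fixlog 11:20:18 ====
"""

# One pattern per kind of fixlist entry; group 1 is what a result line should name.
ENTRY_PATTERNS = [
    re.compile(r"\\Run: \[(.*?)\] =>"),                   # Run value name
    re.compile(r"^[SR]\d (\S+);"),                        # service or driver name
    re.compile(r"^Task: (.+?) => "),                      # scheduled task file
    re.compile(r"^\d{4}-\d{2}-\d{2} .*? \(.*?\) (.+)$"),  # file or folder path
]

def audit_fixlog(text):
    """Return (errors, unconfirmed): error lines, and fixlist targets with no success line."""
    lines = [ln.strip() for ln in text.splitlines()]
    stars = [i for i, ln in enumerate(lines) if ln and set(ln) == {"*"}]
    if len(stars) < 2:
        raise ValueError("fixlist delimiters not found")
    fixlist, results = lines[stars[0] + 1:stars[1]], lines[stars[1] + 1:]
    errors = [ln for ln in results if ln.startswith("Error:")]
    # Targets (left of " => ") of every result line that reports success.
    done = [t.lower() for t, sep, out in (ln.partition(" => ") for ln in results)
            if sep and "successfully" in out]
    unconfirmed = []
    for entry in fixlist:  # directives such as "Hosts:" match no pattern and are skipped
        for pat in ENTRY_PATTERNS:
            m = pat.search(entry)
            if m:
                key = m.group(1).lower()  # Windows names compare case-insensitively
                if not any(t == key or t.endswith("\\" + key) for t in done):
                    unconfirmed.append(m.group(1))
                break
    return errors, unconfirmed
```

Run over the full log posted above, the only finding is the restore-point error: the fix was executed in Safe Mode, so no restore point was created before the changes.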

blackspectre
Visitor
Posts: 30
Joined: 04 Feb 2015 23:39

Re: Freezing browser, slow PC

#20 Post by blackspectre »

After running the fix, the PC got faster and Mozilla no longer freezes. I also managed to uninstall MSE; before the fix this was not possible, because the PC froze whenever I tried to get into the Control Panel.

The Adblock problem was eventually solved by a fresh install; I don't normally use Chrome, so it is possible that it was unrelated to the main problem.

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Freezing browser, slow PC

#21 Post by Márty84 »

:!: Run all of these programs, including any installation, as administrator (right-click them and choose Run as administrator)

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave the checkbox ticked only for the option Remote disinfection tools
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation watch out for the toolbar (or other add-ons); if it offers to install one, untick the checkbox.
After launch you will be in the Cleaner function. There are a lot of checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it ticked, it will always be emptied.
Also, depending on how it is set up, it will delete all passwords saved on the web!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze, and when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left
Click Scan for Issues; when it finds some, click Fix Issues. It will offer you a backup; make one and save it somewhere you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If there are several user accounts on the PC, use the program in each of them as well)

:arrow: Defragment the disk(s) (not SSD drives!)
Download Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
During installation again watch out for the toolbar and other nonsense.
After installation, start the program and click Analyze; after the analysis click Defrag and the program will do its job.

:arrow: Then write how the PC is doing.

blackspectre
Visitor
Posts: 30
Joined: 04 Feb 2015 23:39

Re: Freezing browser, slow PC

#22 Post by blackspectre »

Everything above has been done. The PC runs briskly, and there are no problems with the browser either. From my side it looks like everything now works as it should.

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Freezing browser, slow PC

#23 Post by Márty84 »

Fine :)

So test the PC for a day or two and write how it looks. If everything is fine, we are done :wink:

blackspectre
Visitor
Posts: 30
Joined: 04 Feb 2015 23:39

Re: Freezing browser, slow PC

#24 Post by blackspectre »

All right, thank you, I will get back to you towards the end of the week.

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Freezing browser, slow PC

#25 Post by Márty84 »

OK :)

blackspectre
Visitor
Posts: 30
Joined: 04 Feb 2015 23:39

Re: Freezing browser, slow PC

#26 Post by blackspectre »

So the PC runs without problems. I therefore assume that the procedures you prepared worked and the insidious infection has been removed. From me, then, definitely a big thank-you for your help. I am sending a contribution towards running the forum, and thanks once again.

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Freezing browser, slow PC

#27 Post by Márty84 »

I'm glad to hear that :)

You're very welcome! :wink:

Thank you for any contribution :worship:

Take care, and maybe see you again sometime :bye:

:closed:

Locked