Requesting a check.

Ljuk
Visitor
Posts: 28
Registered: 25 Jan 2011 09:51

Requesting a check.

#1 Post by Ljuk »

Hello,

my notebook froze today, and it has been a while since I last had it checked, so I am asking for a review of the log. Thanks in advance.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2016
Ran by Luke (administrator) on LUKE-PC (27-09-2016 21:21:15)
Running from C:\Users\Luke\Desktop
Loaded Profiles: Luke (Available Profiles: Luke)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) D:\Programy\Avast\AvastSvc.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MSIService.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
() C:\Program Files (x86)\proXPN\bin\proXpnService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
(AVAST Software) D:\Programy\Avast\AvastUI.exe
(Mozilla Corporation) D:\Programy\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Luke\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [1702400 2009-05-05] (Motorola Inc.)
HKLM-x32\...\Run: [MGSysCtrl] => C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2244608 2009-11-06] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => d:\Programy\Avast\AvastUI.exe [9107616 2016-09-26] (AVAST Software)
HKU\S-1-5-21-3018940299-4034966965-747033422-1000\...\Run: [DAEMON Tools Lite] => D:\Programy\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-3018940299-4034966965-747033422-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8894680 2016-08-05] (Piriform Ltd)
HKU\S-1-5-21-3018940299-4034966965-747033422-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\avastSS.scr [53208 2016-09-26] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => d:\Programy\Avast\ashShA64.dll [2016-09-26] (AVAST Software)
BootExecute: autocheck autochk /p \??\G:autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{6942569A-13AF-413E-9BB0-DBFC228DDE3A}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3018940299-4034966965-747033422-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3018940299-4034966965-747033422-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3018940299-4034966965-747033422-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-23] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> d:\Programy\Avast\aswWebRepIE64.dll [2016-09-26] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-23] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-23] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> d:\Programy\Avast\aswWebRepIE.dll [2016-09-26] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-23] (Oracle Corporation)
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programy\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\4e5nnssu.default
FF DefaultSearchUrl:
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-09-30] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-09-30] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> d:\Programy\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-07-28] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3018940299-4034966965-747033422-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Luke\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-12-07] (Unity Technologies ApS)
FF Extension: (Fasterfox Lite) - C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\4e5nnssu.default\extensions\FasterFox_Lite@BigRedBrent [2016-04-27]
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\4e5nnssu.default\extensions\adblockpopups@jessehakanen.net.xpi [2016-04-27]
FF Extension: (NoScript) - C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\4e5nnssu.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-09]
FF Extension: (iMacros for Firefox) - C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\4e5nnssu.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}.xpi [2016-08-25]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\4e5nnssu.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2016-09-04]
FF Extension: (Adblock Plus) - C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\4e5nnssu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-30]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - d:\Programy\Avast\WebRep\FF
FF Extension: (Avast Online Security) - d:\Programy\Avast\WebRep\FF [2016-09-26]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - d:\Programy\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - d:\Programy\Avast\SafePrice\FF [2016-09-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - d:\Programy\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - d:\Programy\Avast\SafePrice\FF
StartMenuInternet: FIREFOX.EXE - D:\Programy\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - d:\Programy\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; d:\Programy\Avast\AvastSvc.exe [197128 2016-09-26] (AVAST Software)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [256568 2016-08-11] (Connectify)
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
S3 Microsoft Office Groove Audit Service; D:\Programy\Microsoft Office\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 proXPN VPN; C:\Program Files (x86)\proXPN\bin\proXPNService.exe [127352 2016-05-17] ()
S2 SkypeUpdate; D:\Programy\Skype\Updater\Updater.exe [324224 2016-07-25] (Skype Technologies)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
U4 AvastVBoxSvc; "d:\Programy\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-26] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-26] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-09-26] (AVAST Software)
R1 cfywlan1; C:\Windows\System32\DRIVERS\cfywlan1.sys [36736 2016-09-25] (Connectify)
R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [43872 2016-09-25] (Connectify)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-10-01] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-10-13] (NVIDIA Corporation)
R3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [64160 2009-07-14] (O2Micro )
R3 smserial; C:\Windows\System32\DRIVERS\smserial.sys [1202688 2009-05-05] (Motorola Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [14464 2009-02-13] (Western Digital Technologies) [File not signed]
S3 MSI_MSIBIOS_010507; \??\d:\Programy\MSI\Live Update 5\msibios64_100507.sys [X]
S3 NTIOLib_1_0_4; \??\d:\Programy\MSI\Live Update 5\NTIOLib_X64.sys [X]
U4 VBoxAswDrv; \??\d:\Programy\Avast\ng\vbox\VBoxAswDrv.sys [X]
S0 vmci; system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-27 21:21 - 2016-09-27 21:21 - 00014459 _____ C:\Users\Luke\Desktop\FRST.txt
2016-09-27 21:20 - 2016-09-27 21:21 - 00000000 ____D C:\FRST
2016-09-27 21:19 - 2016-09-27 21:19 - 00112640 _____ (forum.viry.cz) C:\Users\Luke\Desktop\FRSTLauncher.exe
2016-09-27 21:12 - 2016-09-27 21:12 - 02403328 _____ (Farbar) C:\Users\Luke\Desktop\FRST64.exe
2016-09-27 13:31 - 2016-09-27 13:33 - 00000000 ____D C:\temp
2016-09-26 16:41 - 2016-09-26 16:41 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-09-26 16:41 - 2016-09-26 16:41 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-09-26 16:41 - 2016-09-26 16:41 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-09-26 16:41 - 2016-09-26 16:41 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-09-25 12:59 - 2016-09-25 12:59 - 00000394 _____ C:\Users\Public\Desktop\Connectify Hotspot 2016.lnk
2016-09-25 12:59 - 2016-09-25 12:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connectify 2016
2016-09-25 12:57 - 2016-09-25 13:34 - 00000000 ____D C:\Program Files (x86)\Connectify
2016-09-25 12:57 - 2016-09-25 12:57 - 00043872 _____ (Connectify) C:\Windows\system32\Drivers\cnnctfy3.sys
2016-09-25 12:57 - 2016-09-25 12:57 - 00036736 _____ (Connectify) C:\Windows\system32\Drivers\cfywlan1.sys
2016-09-25 12:04 - 2016-09-25 13:02 - 00000000 ____D C:\ProgramData\Connectify
2016-09-15 11:31 - 2016-09-15 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.8
2016-09-15 11:31 - 2016-09-15 11:31 - 00000915 _____ C:\Users\Luke\Desktop\EaseUS Partition Master 10.8.lnk
2016-09-15 11:31 - 2015-09-21 00:30 - 03557000 _____ C:\Windows\system32\BootMan.exe
2016-09-15 11:31 - 2015-09-21 00:19 - 02658952 _____ C:\Windows\SysWOW64\BootMan.exe
2016-09-15 11:31 - 2014-11-18 14:46 - 00021088 _____ C:\Windows\SysWOW64\EuEpmGdi.dll
2016-09-15 11:31 - 2014-11-18 14:46 - 00017504 _____ C:\Windows\system32\EuEpmGdi.dll
2016-09-15 11:31 - 2014-11-18 14:39 - 00018528 _____ C:\Windows\system32\epmntdrv.sys
2016-09-15 11:31 - 2014-11-18 14:39 - 00014944 _____ C:\Windows\SysWOW64\epmntdrv.sys
2016-09-15 11:31 - 2014-11-18 14:39 - 00010848 _____ C:\Windows\system32\EuGdiDrv.sys
2016-09-15 11:31 - 2014-11-18 14:39 - 00010208 _____ C:\Windows\SysWOW64\EuGdiDrv.sys
2016-09-15 11:31 - 2014-11-18 14:38 - 00101984 _____ C:\Windows\system32\setupempdrvx64.exe
2016-09-15 11:31 - 2014-11-18 14:38 - 00088160 _____ C:\Windows\SysWOW64\setupempdrv03.exe
2016-08-30 07:57 - 2016-08-30 07:57 - 00000000 ____D C:\Program Files (x86)\Skype
2016-08-29 07:18 - 2016-09-02 10:33 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-29 07:18 - 2016-08-29 07:18 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-28 17:28 - 2016-08-28 17:28 - 00000000 ____D C:\Users\Luke\Documents\SkidRow
2016-08-28 17:28 - 2016-08-28 17:28 - 00000000 ____D C:\Users\Luke\AppData\Local\BLACKHOLE
2016-08-28 17:20 - 2016-08-28 17:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FiolaSoft Studio

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-27 20:58 - 2009-07-14 06:45 - 00031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-27 20:58 - 2009-07-14 06:45 - 00031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-27 20:57 - 2012-04-13 17:48 - 00000000 ___RD C:\Users\Luke\Desktop\games
2016-09-27 20:52 - 2012-07-08 13:15 - 00000435 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-09-27 20:52 - 2012-01-21 09:26 - 00007597 _____ C:\Users\Luke\AppData\Local\Resmon.ResmonCfg
2016-09-27 20:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-27 20:50 - 2012-06-05 07:28 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-27 20:49 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-27 18:20 - 2011-04-12 10:34 - 00669132 _____ C:\Windows\system32\perfh005.dat
2016-09-27 18:20 - 2011-04-12 10:34 - 00141760 _____ C:\Windows\system32\perfc005.dat
2016-09-27 18:20 - 2009-07-14 07:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-27 18:10 - 2011-10-01 07:36 - 00000000 ____D C:\Users\Luke\AppData\Roaming\Media Player Classic
2016-09-27 17:10 - 2012-02-21 23:46 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{019F7B96-477B-404E-9997-AF0C8B76BC04}
2016-09-27 09:39 - 2014-03-06 13:22 - 00000000 ____D C:\Users\Luke\AppData\Local\Battle.net
2016-09-26 21:47 - 2016-03-23 06:55 - 00003888 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1458708905
2016-09-26 16:43 - 2011-09-30 17:31 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-09-26 16:43 - 2011-09-30 17:30 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-09-26 16:42 - 2012-07-15 17:42 - 00003882 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-09-26 16:41 - 2016-03-23 06:54 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-09-26 16:41 - 2015-01-05 19:35 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-09-26 16:41 - 2015-01-05 19:35 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-09-26 16:41 - 2013-03-19 10:51 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-09-26 16:41 - 2013-03-19 10:51 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-09-26 16:41 - 2012-04-02 11:41 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-09-26 16:41 - 2011-09-30 17:31 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.147490101526710
2016-09-26 16:41 - 2011-09-30 17:30 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.147490101273907
2016-09-26 16:41 - 2011-09-30 17:30 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-09-25 18:47 - 2011-10-01 08:10 - 00000000 ____D C:\Users\Luke\AppData\Roaming\uTorrent
2016-09-25 18:45 - 2015-09-19 17:47 - 00000000 ____D C:\Users\Luke\AppData\LocalLow\uTorrent
2016-09-25 17:45 - 2012-02-08 18:08 - 00000000 ____D C:\Users\Luke\AppData\Roaming\vlc
2016-09-25 08:35 - 2012-05-14 10:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-23 20:33 - 2013-02-06 20:59 - 00000000 ____D C:\Users\Luke\AppData\Roaming\Skype
2016-09-23 19:33 - 2013-02-06 20:58 - 00000000 ____D C:\ProgramData\Skype
2016-09-22 06:53 - 2009-07-14 07:08 - 00032536 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-09-17 15:24 - 2015-06-01 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\webium's modpack
2016-09-15 17:22 - 2014-12-31 12:28 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-13 19:50 - 2012-06-05 07:28 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-13 19:50 - 2012-06-05 07:28 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-13 19:50 - 2012-03-25 22:31 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-13 19:50 - 2012-01-14 10:08 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-13 19:50 - 2011-09-30 17:41 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-06 20:34 - 2012-07-01 18:17 - 00000000 ____D C:\Users\Luke\AppData\Roaming\AIMP3
2016-09-02 09:43 - 2011-09-30 20:52 - 00000000 ____D C:\Users\Luke\AppData\Local\Adobe
2016-08-29 07:18 - 2011-09-30 17:43 - 00000000 ____D C:\ProgramData\Adobe
2016-08-28 17:28 - 2011-10-01 07:40 - 00000000 ____D C:\Users\Luke\AppData\Roaming\DAEMON Tools Lite
2016-08-28 14:48 - 2015-12-09 21:01 - 00001066 _____ C:\Users\Luke\Desktop\1 26 33.txt

==================== Files in the root of some directories =======

2012-01-21 09:26 - 2016-09-27 20:52 - 0007597 _____ () C:\Users\Luke\AppData\Local\Resmon.ResmonCfg
2012-03-29 17:58 - 2012-01-29 17:58 - 0000032 ____R () C:\ProgramData\hash.dat
2014-05-30 11:41 - 2014-05-31 08:50 - 0001275 _____ () C:\ProgramData\hpzinstall.log

Files to move or delete:
====================
C:\ProgramData\hash.dat


Some files in TEMP:
====================
C:\Users\Luke\AppData\Local\Temp\proxy_vole1793012809778883444.dll
C:\Users\Luke\AppData\Local\Temp\proxy_vole397600058219924539.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-09-25 20:05

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:39.06 GB) (Free:3.56 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:259.03 GB) (Free:11.05 GB) NTFS

Available physical RAM: 2320.11 MB
Total physical RAM: 4095.16 MB
Percentage of memory in use: 43%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=39.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=259 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Luke\Desktop" je 9 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Hotspot
C:\Program Files (x86)\Connectify\Connectify.exe autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray
d:\Programy\EaseUS Partition Master 10.8\bin\EpmNews.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM Tray Agent
"d:\Programy\EaseUS Partition Master 10.8\bin\TrayPopupE\TrayTipAgentE.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"D:\Programy\Microsoft Office\Office12\GrooveMonitor.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
"C:\Users\Luke\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XboxStat
"C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk
C:\PROGRA~2\Toshiba\BLUETO~1\TosBtMng.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.zip
(11.96 KiB) Downloaded 92 times

JaRon
Moderator
Posts: 15663
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Requesting a check.

#2 Post by JaRon »

hi,
as a precaution:
1. run chkdsk /F from the command line
2. scan the PC with MBAM
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Ljuk
Visitor
Posts: 28
Registered: 25 Jan 2011 09:51

Re: Requesting a check.

#3 Post by Ljuk »

chkdsk apparently ran without any problem.


Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 28.9.2016
Čas skenování: 11:16
Protokol: ddd.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.09.28.04
Databáze rootkitů: v2016.09.26.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Luke

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 609408
Uplynulý čas: 2 hod, 56 min, 44 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
RiskWare.TOR, C:\temp\HBCD\Programs\Files\Tor.7z, , [2b5942357228ef47184dc472649e2cd4],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

JaRon
Moderator
Posts: 15663
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Requesting a check.

#4 Post by JaRon »

Delete the finding.
From an AV standpoint the PC is fine; it may have been a random freeze.
If it happens again, check the CPU temperature.

Ljuk
Visitor
Posts: 28
Registered: 25 Jan 2011 09:51

Re: Requesting a check.

#5 Post by Ljuk »

Great, thanks for the check, and all the best. :thumbsup:

JaRon
Moderator
Posts: 15663
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Requesting a check.

#6 Post by JaRon »

thanks - likewise :thumbsup: