VIRY.CZ

Za vzorek dekuji.

Doporucuji zapnout funkci bodu obnoveni a pak provedte cast s fixlistem http://forum.viry.cz/viewtopic.php?p=1397609#p1397609

A tady je ten fixlog

A ten bod obnovy jsem na Vaše doporučení taky zapl

-----------------------------------------------

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-05-2015
Ran by Patrik at 2015-05-21 00:15:24 Run:1
Running from C:\Users\Patrik\Desktop
Loaded Profiles: Patrik (Available profiles: Patrik & Free)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
Folder: C:\Windows\inf\msrdbu
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [NtVdmSrv] => C:\Windows\inf\ntvdm.vbe [1219 2013-06-20] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-675987936-426717420-316962544-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKU\S-1-5-21-675987936-426717420-316962544-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
C:\Windows\inf\ntvdm.vbe
C:\Windows\inf\ntvdm.inf

URLSearchHook: HKLM-x32 - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR DefaultSearchURL: Default -> http://search.yahoo.com/search?fr=chr-g ... =443898&p={searchTerms}
CHR DefaultSuggestURL: Default -> http://ff.search.yahoo.com/gossip?outpu ... n&command={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [X]

2015-05-20 23:03 - 2015-05-20 23:03 - 00029696 _____ () C:\Users\Patrik\AppData\Local\MSGBOX.EXE
2015-05-20 23:03 - 2015-05-20 23:03 - 00015327 _____ () C:\Users\Patrik\Desktop\LM.bat
2015-05-20 23:01 - 2015-05-20 23:02 - 00112640 _____ (forum.viry.cz) C:\Users\Patrik\Desktop\FRSTLauncher.exe
2015-05-20 22:50 - 2015-05-20 22:55 - 00000000 ____D () C:\AdwCleaner
2015-05-20 22:49 - 2015-05-20 22:49 - 02209792 _____ () C:\Users\Patrik\Desktop\adwcleaner_4.204.exe
2015-05-20 22:27 - 2015-05-20 22:27 - 01222144 _____ () C:\Users\Patrik\Downloads\RSITx64.exe
2015-05-20 22:27 - 2015-05-20 22:27 - 00000000 ____D () C:\rsit
2015-05-20 22:27 - 2015-05-20 22:27 - 00000000 ____D () C:\Program Files\trend micro
2015-05-20 22:24 - 2015-05-20 22:24 - 00008976 _____ () C:\Users\Patrik\Downloads\hijackthis.log
2015-05-20 22:22 - 2015-05-20 22:22 - 00388608 _____ (Trend Micro Inc.) C:\Users\Patrik\Downloads\HijackThis.exe
2015-05-20 21:47 - 2015-05-20 21:47 - 06484352 _____ (Piriform Ltd) C:\Users\Patrik\Downloads\ccsetup505.exe
2014-09-06 22:32 - 2014-09-06 22:32 - 0005034 _____ () C:\ProgramData\pubjtini.xmz
Task: {86DFA549-FA7F-49DC-A747-5331A3114DE0} - System32\Tasks\{265E910A-8636-4F25-8DDA-458C51682B09} => pcalua.exe -a "C:\Users\Patrik\Desktop\Diablo 2\d2instcz.exe" -d "C:\Users\Patrik\Desktop\Diablo 2"
Task: {C0BE7D25-9FFD-4A67-800B-0111B2A7AAE3} - System32\Tasks\{52759110-CCB0-4A87-8F86-7B340DDDA1C4} => pcalua.exe -a D:\setup.exe -d D:\
Task: {CB0A5215-F7A9-41BB-8F4A-B7D4EDC87EE0} - System32\Tasks\{38BEECB4-08FD-4A0B-A2DC-7AD5D8BA5E4F} => pcalua.exe -a "C:\Users\Patrik\Desktop\Ostatní Programy\VCredist\vcredist_x64.exe" -d "C:\Users\Patrik\Desktop\Ostatní Programy\VCredist"
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
C:\Windows\inf\msrdbu

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.

========================= Folder: C:\Windows\inf\msrdbu ========================

2013-10-08 16:50 - 2013-06-07 13:45 - 0044727 ____S () C:\Windows\inf\msrdbu\diablo130302.cl
2013-10-08 16:50 - 2013-06-07 13:45 - 0030802 ____S () C:\Windows\inf\msrdbu\diakgcn121016.cl
2013-10-08 16:50 - 2013-06-07 13:45 - 0612352 ____S (The cURL library, http://curl.haxx.se/) C:\Windows\inf\msrdbu\libcurl.dll
2013-10-08 16:50 - 2013-06-07 13:45 - 1704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\inf\msrdbu\libeay32.dll
2013-10-08 16:50 - 2013-06-07 13:45 - 0279955 ____S () C:\Windows\inf\msrdbu\libidn-11.dll
2013-10-08 16:50 - 2013-06-07 13:45 - 0183382 ____S () C:\Windows\inf\msrdbu\librtmp.dll
2013-10-08 16:50 - 2013-06-07 13:45 - 0171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\Windows\inf\msrdbu\libssh2.dll
2013-10-08 16:50 - 2013-06-07 13:45 - 0110094 ____S (libusb.org) C:\Windows\inf\msrdbu\libusb-1.0.dll
2013-10-08 16:50 - 2013-06-07 13:45 - 0568334 ____S () C:\Windows\inf\msrdbu\msrdbu.exe
2013-10-08 16:50 - 2013-06-07 13:45 - 0013062 ____S () C:\Windows\inf\msrdbu\phatk121016.cl
2013-10-08 16:50 - 2013-06-07 13:45 - 0043810 ____S () C:\Windows\inf\msrdbu\poclbm130302.cl
2013-10-08 16:50 - 2013-06-07 13:45 - 0023825 ____S () C:\Windows\inf\msrdbu\scrypt130511.cl
2013-10-08 16:50 - 2013-06-07 13:45 - 0364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\inf\msrdbu\ssleay32.dll
2013-10-08 16:50 - 2013-06-07 13:45 - 0084992 ____S () C:\Windows\inf\msrdbu\zlib1.dll
2013-10-08 16:50 - 2013-10-08 16:51 - 0000000 ____D () C:\Windows\inf\msrdbu\bitstreams
2013-10-08 16:50 - 2013-06-07 13:45 - 3682603 ____S () C:\Windows\inf\msrdbu\bitstreams\fpgaminer_top_fixed7_197MHz.ncd
2013-10-08 16:50 - 2013-06-07 13:45 - 2453192 ____S () C:\Windows\inf\msrdbu\bitstreams\ztex_ufm1_15b1.bit
2013-10-08 16:50 - 2013-06-07 13:45 - 4220316 ____S () C:\Windows\inf\msrdbu\bitstreams\ztex_ufm1_15d1.bit
2013-10-08 16:50 - 2013-06-07 13:45 - 4220313 ____S () C:\Windows\inf\msrdbu\bitstreams\ztex_ufm1_15d3.bit
2013-10-08 16:50 - 2013-06-07 13:45 - 0006792 ____S () C:\Windows\inf\msrdbu\bitstreams\ztex_ufm1_15d4.bin
2013-10-08 16:50 - 2013-06-07 13:45 - 4220313 ____S () C:\Windows\inf\msrdbu\bitstreams\ztex_ufm1_15d4.bit
2013-10-08 16:50 - 2013-06-07 13:45 - 0006794 ____S () C:\Windows\inf\msrdbu\bitstreams\ztex_ufm1_15y1.bin
2013-10-08 16:50 - 2013-06-07 13:45 - 4220313 ____S () C:\Windows\inf\msrdbu\bitstreams\ztex_ufm1_15y1.bit

====== End of Folder: ======

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NtVdmSrv => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SDTray => value deleted successfully.
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => Key deleted successfully.
HKU\S-1-5-21-675987936-426717420-316962544-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-675987936-426717420-316962544-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
C:\Windows\inf\ntvdm.vbe => Moved successfully.
C:\Windows\inf\ntvdm.inf => Moved successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
Chrome DefaultSearchURL deleted successfully.
Chrome DefaultSuggestURL deleted successfully.
C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll not found.
C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll not found.
C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll not found.
C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll not found.
GMSIPCI => Service deleted successfully.
C:\Users\Patrik\AppData\Local\MSGBOX.EXE => Moved successfully.
C:\Users\Patrik\Desktop\LM.bat => Moved successfully.
C:\Users\Patrik\Desktop\FRSTLauncher.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Patrik\Desktop\adwcleaner_4.204.exe => Moved successfully.
C:\Users\Patrik\Downloads\RSITx64.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\Patrik\Downloads\hijackthis.log => Moved successfully.
C:\Users\Patrik\Downloads\HijackThis.exe => Moved successfully.
C:\Users\Patrik\Downloads\ccsetup505.exe => Moved successfully.
C:\ProgramData\pubjtini.xmz => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86DFA549-FA7F-49DC-A747-5331A3114DE0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86DFA549-FA7F-49DC-A747-5331A3114DE0}" => Key deleted successfully.
C:\Windows\System32\Tasks\{265E910A-8636-4F25-8DDA-458C51682B09} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{265E910A-8636-4F25-8DDA-458C51682B09}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C0BE7D25-9FFD-4A67-800B-0111B2A7AAE3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0BE7D25-9FFD-4A67-800B-0111B2A7AAE3}" => Key deleted successfully.
C:\Windows\System32\Tasks\{52759110-CCB0-4A87-8F86-7B340DDDA1C4} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{52759110-CCB0-4A87-8F86-7B340DDDA1C4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB0A5215-F7A9-41BB-8F4A-B7D4EDC87EE0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB0A5215-F7A9-41BB-8F4A-B7D4EDC87EE0}" => Key deleted successfully.
C:\Windows\System32\Tasks\{38BEECB4-08FD-4A0B-A2DC-7AD5D8BA5E4F} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{38BEECB4-08FD-4A0B-A2DC-7AD5D8BA5E4F}" => Key deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\ProgramData\TEMP => ":AD022376" ADS removed successfully.
C:\Windows\inf\msrdbu => Moved successfully.
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com" => Key deleted successfully.
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com" => Key deleted successfully.
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com" => Key deleted successfully.
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com" => Key deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 334.6 MB temporary data.

The system needed a reboot.

==== End of Fixlog 00:16:18 ====

Vyborne, BitCoiny jste prave prestal tezit. Zkontrolujeme jeste prehrivani.

MiliNess píše:Spusť HeavyLoad a Hardware Monitor (nebo Open Hardware Monitor). V HeavyLoad spusť zátěžový test
a zhruba po 10 minutách udělej screenshot Hardware Monitoru. Ten pak vlož do příspěvku.

No snad nebude vadit, když to pošlu až spíš ráno, protože když ma můj "super" PC větší zátěž, tak začne tak divně pískat, nevím jestli to píska CPU nebo harddisk, ještě sem to nějak neřešil

No a nechcu vzbudit při tem testu půlku domu

Zatím fakt moc díky za pomoc

ráno pošlu screen s tím výsledkem testu. Přeji pěkný zbytek večera

Rozumim. Havet byla uspesne smazana (pocitaci by se melo znacne ulevit), takze nejvetsi praci mame za sebou. Zitra to dokoncime.

Nemate zac, dobrou noc

Zdravím, tak jsem ten test udělal a screen jsem dal do přilohy v raru, protože kdybych ho hodil sem, tak by nešlo nic přečíst

Dobre jste udelal

Teploty nijak extra neprekracuji povolene hodnoty, takze je to v poradku.

Jak casto Vam programy padaly? Pretrvava tento ci jiny problem?

No ještě jsem to dneskaj nechal projet Avastem a ten my našel nějaký vir win3 v adblockeru, tak se dal do karantény a vypadá to, že už ani ten prohlížeč neblbne

Tak zatím to vypadá, že se tomu opravdu ulevilo, ale mam PC zapnutý chvilku tak bych sem večer ještě napsal, jestli je to v pořádku nebo to pořád blbne

Jinak padal hlavně prohlížeč, a to že pár sekund jel a pak zas chvilku neodpovídal a furt dokola, a když jsem ho mě spuštěný, tak začli neodpovídat i jiné programy.

Jasne, poradne ozkousejte a dejte vedet. Vecer uz pripadne jen uklidime pouzite nastroje.

Jasné, zatím díky moc za pomoc

Tak to vypadá, že už to šlape v pohodě, žádné padání programů nebo neodpovídání. Prohlížeč i PC jedou rychleji

No aby ne, kdyz jste ty BitCoiny prestal tezit

Takze jeste uklidime.

Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
Oznacte jen moznost "Remove disinfection tools"
kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

Jo super to bude vše !

Díky fakt moc za pomoc a přeji pěkný zbytek dne, nashle

Nemate zac, rad jsem pomohl

Mejte se krasne a treba zase nekdy

VIRY.CZ

Pomalé PC, padání programů

Re: Pomalé PC, padání programů

Re: Pomalé PC, padání programů

Re: Pomalé PC, padání programů

Re: Pomalé PC, padání programů

Re: Pomalé PC, padání programů

Re: Pomalé PC, padání programů

Re: Pomalé PC, padání programů

Re: Pomalé PC, padání programů

Re: Pomalé PC, padání programů

Re: Pomalé PC, padání programů

Re: Pomalé PC, padání programů

Re: Pomalé PC, padání programů

Re: Pomalé PC, padání programů

Re: Pomalé PC, padání programů