Re: Velká spotřeba RAM
Napsal: 05 říj 2015 13:09
Fix result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
Ran by Nini (2015-10-05 14:01:59) Run:2
Running from C:\Users\Nini\Desktop
Loaded Profiles: Nini (Available Profiles: Nini)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: C:\ProgramData\37217c48023741f60e7456700c74fc29ffb99f00
File: C:\Users\Nini\AppData\Roaming\hiiVlrznz68m\GkaaJQQSxJ.exe
File: C:\ProgramData\327776\327679\13534.ENC
2015-10-02 16:40 - 2015-10-05 08:38 - 00003490 _____ C:\Windows\System32\Tasks\AutoKMS
2015-10-02 16:40 - 2015-10-04 18:52 - 00000000 ____D C:\Windows\AutoKMS
Task: {0C865C06-95D0-45EA-BB4F-0888CDEF52AE} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-10-02] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:^Users^Nini^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IhIi9FwL.lnk
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Nini^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IhIi9FwL.lnk
2015-10-02 14:35 - 2015-10-02 14:35 - 00000006 ____S C:\ProgramData\37217c48023741f60e7456700c74fc29ffb99f00
2015-10-02 14:35 - 2015-10-02 14:35 - 00000000 _RSHD C:\ProgramData\327776
2015-10-02 14:35 - 2015-10-02 14:35 - 00000000 _RSHD C:\ProgramData\327676
2015-10-02 14:35 - 2015-10-02 14:35 - 00000000 ____D C:\Users\Nini\AppData\Roaming\hiiVlrznz68m
C:\ProgramData\37217c48023741f60e7456700c74fc29ffb99f00
Hosts:
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
========================= File: C:\ProgramData\37217c48023741f60e7456700c74fc29ffb99f00 ========================
File not signed
MD5: EEA096D4DFA1726FA352FA3486D137FB
Creation and modification date: 2015-10-02 14:35 - 2015-10-02 14:35
Size: 0000006
Attributes: ----S
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
========================= File: C:\Users\Nini\AppData\Roaming\hiiVlrznz68m\GkaaJQQSxJ.exe ========================
File not signed
MD5: 57B034F52D65280C20078CF10DBE1F2A
Creation and modification date: 2015-10-02 14:35 - 2015-10-02 14:35
Size: 0307200
Attributes: ----A
Company Name: hvmkt
Internal Name: Klrznz6.exe
Original Name: Klrznz6.exe
Product: mWuPD4Ne
Description: mWuPD4Ne
File Version: 6.8.42.3981
Product Version: 6.8.42.3981
Copyright: Copyright (C) 2009-2012 POa6JYni BCRZKNefyi
====== End of File: ======
========================= File: C:\ProgramData\327776\327679\13534.ENC ========================
File not signed
MD5: 0ACB3DDD2B3942466F4195262675E968
Creation and modification date: 2015-10-02 14:35 - 2015-10-02 14:35
Size: 0299008
Attributes: ----A
Company Name: Ikth8tnbTa
Internal Name: A68mkaa.exe
Original Name: A68mkaa.exe
Product: qWuPD4NeO4
Description: qWuPD4NeO4
File Version: 2.2.947.1208
Product Version: 2.2.947.1208
Copyright: Copyright (C) 2005-2012 UiCRZKN AefyicowIGON
====== End of File: ======
C:\Windows\System32\Tasks\AutoKMS => moved successfully
C:\Windows\AutoKMS => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{0C865C06-95D0-45EA-BB4F-0888CDEF52AE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C865C06-95D0-45EA-BB4F-0888CDEF52AE}" => key removed successfully
C:\Windows\System32\Tasks\AutoKMS => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:^Users^Nini^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IhIi9FwL.lnk => Error: No automatic fix found for this entry.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Nini^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IhIi9FwL.lnk => key removed successfully
C:\ProgramData\37217c48023741f60e7456700c74fc29ffb99f00 => moved successfully
C:\ProgramData\327776 => moved successfully
C:\ProgramData\327676 => moved successfully
C:\Users\Nini\AppData\Roaming\hiiVlrznz68m => moved successfully
"C:\ProgramData\37217c48023741f60e7456700c74fc29ffb99f00" => File/Folder not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 190.8 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 14:03:17 ====
Ran by Nini (2015-10-05 14:01:59) Run:2
Running from C:\Users\Nini\Desktop
Loaded Profiles: Nini (Available Profiles: Nini)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: C:\ProgramData\37217c48023741f60e7456700c74fc29ffb99f00
File: C:\Users\Nini\AppData\Roaming\hiiVlrznz68m\GkaaJQQSxJ.exe
File: C:\ProgramData\327776\327679\13534.ENC
2015-10-02 16:40 - 2015-10-05 08:38 - 00003490 _____ C:\Windows\System32\Tasks\AutoKMS
2015-10-02 16:40 - 2015-10-04 18:52 - 00000000 ____D C:\Windows\AutoKMS
Task: {0C865C06-95D0-45EA-BB4F-0888CDEF52AE} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-10-02] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:^Users^Nini^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IhIi9FwL.lnk
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Nini^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IhIi9FwL.lnk
2015-10-02 14:35 - 2015-10-02 14:35 - 00000006 ____S C:\ProgramData\37217c48023741f60e7456700c74fc29ffb99f00
2015-10-02 14:35 - 2015-10-02 14:35 - 00000000 _RSHD C:\ProgramData\327776
2015-10-02 14:35 - 2015-10-02 14:35 - 00000000 _RSHD C:\ProgramData\327676
2015-10-02 14:35 - 2015-10-02 14:35 - 00000000 ____D C:\Users\Nini\AppData\Roaming\hiiVlrznz68m
C:\ProgramData\37217c48023741f60e7456700c74fc29ffb99f00
Hosts:
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
========================= File: C:\ProgramData\37217c48023741f60e7456700c74fc29ffb99f00 ========================
File not signed
MD5: EEA096D4DFA1726FA352FA3486D137FB
Creation and modification date: 2015-10-02 14:35 - 2015-10-02 14:35
Size: 0000006
Attributes: ----S
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
========================= File: C:\Users\Nini\AppData\Roaming\hiiVlrznz68m\GkaaJQQSxJ.exe ========================
File not signed
MD5: 57B034F52D65280C20078CF10DBE1F2A
Creation and modification date: 2015-10-02 14:35 - 2015-10-02 14:35
Size: 0307200
Attributes: ----A
Company Name: hvmkt
Internal Name: Klrznz6.exe
Original Name: Klrznz6.exe
Product: mWuPD4Ne
Description: mWuPD4Ne
File Version: 6.8.42.3981
Product Version: 6.8.42.3981
Copyright: Copyright (C) 2009-2012 POa6JYni BCRZKNefyi
====== End of File: ======
========================= File: C:\ProgramData\327776\327679\13534.ENC ========================
File not signed
MD5: 0ACB3DDD2B3942466F4195262675E968
Creation and modification date: 2015-10-02 14:35 - 2015-10-02 14:35
Size: 0299008
Attributes: ----A
Company Name: Ikth8tnbTa
Internal Name: A68mkaa.exe
Original Name: A68mkaa.exe
Product: qWuPD4NeO4
Description: qWuPD4NeO4
File Version: 2.2.947.1208
Product Version: 2.2.947.1208
Copyright: Copyright (C) 2005-2012 UiCRZKN AefyicowIGON
====== End of File: ======
C:\Windows\System32\Tasks\AutoKMS => moved successfully
C:\Windows\AutoKMS => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{0C865C06-95D0-45EA-BB4F-0888CDEF52AE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C865C06-95D0-45EA-BB4F-0888CDEF52AE}" => key removed successfully
C:\Windows\System32\Tasks\AutoKMS => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:^Users^Nini^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IhIi9FwL.lnk => Error: No automatic fix found for this entry.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Nini^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IhIi9FwL.lnk => key removed successfully
C:\ProgramData\37217c48023741f60e7456700c74fc29ffb99f00 => moved successfully
C:\ProgramData\327776 => moved successfully
C:\ProgramData\327676 => moved successfully
C:\Users\Nini\AppData\Roaming\hiiVlrznz68m => moved successfully
"C:\ProgramData\37217c48023741f60e7456700c74fc29ffb99f00" => File/Folder not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 190.8 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 14:03:17 ====
