VIRY.CZ

Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-07-2016
Ran by Administrator (2016-07-29 15:26:11)
Running from D:\Users\education\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-03-08 16:37:56)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2757460864-126524720-2486629684-500 - Administrator - Enabled) => C:\Users\Administrator
education (S-1-5-21-2757460864-126524720-2486629684-1000 - Limited - Enabled) => C:\Users\education
Guest (S-1-5-21-2757460864-126524720-2486629684-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.017.20050 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.11.3.5 (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Angry Birds Breakfast 1 (HKLM-x32\...\{A2A84F3C-2273-4F05-8A41-D0C5FA271651}) (Version: 1.0.16 - Rovio Entertainment Ltd.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software)
CrystalDiskInfo 7.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.0 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
K-Lite Codec Pack 12.2.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.2.5 - KLCP)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 47.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 cs)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 365.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 365.19 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 365.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.19 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Ovládací panel NVIDIA 365.19 (Version: 365.19 - NVIDIA Corporation) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-2757460864-126524720-2486629684-1000\...\PhotoFiltre 7) (Version: - )
Ruská - rozložení jako latinka (0.9.1) (HKLM\...\{6109059C-2784-4546-A353-7100A6882DF4}) (Version: 1.0.3.40 - Đonny)
SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
TightVNC (HKLM\...\{D2372F87-7DA2-47F7-A102-AF2181B8EAA2}) (Version: 2.7.10.0 - GlavSoft LLC.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
TrackMania Nations ESWC 0.1.7.9 (HKLM-x32\...\TmNations_is1) (Version: 0.1.7.9 - Nadeo)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {33623861-1B45-474C-86AB-396A74E0D55F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {5EA22092-6E95-4567-908B-BFFFC8D88A83} - System32\Tasks\{90031624-ADAD-449C-B03F-45FEFF3CBC8E} => pcalua.exe -a "C:\Program Files (x86)\TrackMania Nations ESWC\unins000.exe"
Task: {65E3BDAA-7E79-4F59-9447-CD9B8CF3A51C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-30] (AVAST Software)
Task: {A7C5E790-592B-458B-A593-FEF9C48B0E8E} - System32\Tasks\{4A6DDE25-C7DB-4D60-A677-97AAF0D5B150} => pcalua.exe -a "C:\Program Files (x86)\YTDownloader\YTDUninstall.exe"
Task: {BC77B44E-0524-429F-9B40-D1B8D7973B32} - System32\Tasks\{6FACC224-889D-4507-BEE4-787DED32FD7F} => pcalua.exe -a "D:\Users\education\Desktop\Původní data aplikace Firefox\5v9sby6d.default\Downloads\SkypeSetupFull.exe" -d "D:\Users\education\Desktop\Původní data aplikace Firefox\5v9sby6d.default\Downloads"
Task: {C03F70B4-5AB5-4DCB-AF31-E6AF6E64B862} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {D490B5C4-755C-44E0-A520-D86EFC437C69} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-07-07] ()
Task: {DDEFA9BA-7A57-4879-A5BE-C50506EF8C71} - System32\Tasks\CCleanerSkipUAC => D:\Users\education\Desktop\ccsetup519 (1)\CCleaner.exe
Task: {E95A2C86-03A8-4BB0-B382-2F3FD14B935A} - System32\Tasks\SafeZone scheduled Autoupdate 1462554893 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software)
Task: {F2104EA9-C93F-4D12-8C5C-816BED00A79D} - System32\Tasks\RunSpeccy => D:\Users\education\Desktop\spsetup128\Speccy64.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-05-20 13:38 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-05-20 13:39 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-20 13:38 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-05-20 13:38 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-20 13:39 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-20 13:39 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-20 13:39 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-05-20 13:38 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2014-03-08 19:35 - 2016-05-10 01:40 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-05-20 13:38 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-20 13:38 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2016-06-30 19:05 - 2016-06-30 19:05 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-29 15:12 - 2016-07-29 15:12 - 03002880 _____ () C:\Program Files\AVAST Software\Avast\defs\16072900\algo.dll
2016-06-30 19:05 - 2016-06-30 19:05 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-05-20 13:38 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-06-30 19:06 - 2016-06-30 19:06 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-07-28 06:35 - 00000841 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2757460864-126524720-2486629684-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\education\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2757460864-126524720-2486629684-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 172.22.1.1 - 172.22.1.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{ACF43051-212F-466F-BC7B-BA2D0A7E217C}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe
FirewallRules: [{70B6B50B-3B47-40E9-8A74-B865C49E2733}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{94A4A84C-FF48-4A82-AFD6-629DD822669A}] => (Allow) LPort=2869
FirewallRules: [{56AC078A-58F7-4433-9CC1-FBCBAFDA44F0}] => (Allow) LPort=1900
FirewallRules: [{57A9C96D-8079-4D6A-AB28-DDC7ABEACFB2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{41C2F8EB-5547-4ED0-9835-E6561582D241}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DCE976E4-86AA-42B9-A5ED-CCB18E5A9C06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{904569FD-E414-4EC2-8992-C3031DC9F174}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6AE1BC45-526C-4522-BFF6-C378193A87DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{293CB6C6-8FCC-4E4E-AF8F-B3B1F1987ECE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C1EFB5FF-73CF-4485-B8ED-C81AAFBFD927}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{79827EBC-D49D-4CB3-A365-7992413C3742}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{EC44D2EE-2CA5-4560-A545-060591F1FB65}C:\program files (x86)\trackmania nations eswc\tmnationseswc.exe] => (Block) C:\program files (x86)\trackmania nations eswc\tmnationseswc.exe
FirewallRules: [UDP Query User{621E14D4-4715-49DE-BF8B-29918A0A3444}C:\program files (x86)\trackmania nations eswc\tmnationseswc.exe] => (Block) C:\program files (x86)\trackmania nations eswc\tmnationseswc.exe
FirewallRules: [{12257E53-9A33-45B0-B12D-A19D8803C68E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8E302716-FC90-463E-946F-C8A47F58B2B4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A1B52E05-4B44-455D-9816-C9C48A57E9E0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{90B003F4-FA16-48C5-B1DD-1FD0CB7917EC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{70D0E729-A3C2-4686-B199-9E9924D66C05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9A60FDB7-0163-4BC5-82E3-52911D7CCAF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D16CB91C-49D9-4E5A-BB33-766E04721F9E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{732BF01B-1E26-433C-B89B-0FF5ADD403B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7C8D8AA3-8619-42F9-8048-3CFE003170FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Restore Points =========================

25-07-2016 11:43:46 Windows Update
27-07-2016 22:32:42 JRT Pre-Junkware Removal
27-07-2016 22:44:39 zoek.exe restore point
29-07-2016 11:24:36 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/27/2016 02:30:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Vžum.exe, verze: 1.0.6027.25238, časové razítko: 0x5777ad0f
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23418, časové razítko: 0x5708a89c
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000001a06d
ID chybujícího procesu: 0xea4
Čas spuštění chybující aplikace: 0xVžum.exe0
Cesta k chybující aplikaci: Vžum.exe1
Cesta k chybujícímu modulu: Vžum.exe2
ID zprávy: Vžum.exe3

Error: (07/27/2016 02:30:47 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: Vžum.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: Newtonsoft.Json.JsonReaderException
na Newtonsoft.Json.JsonTextReader.ParseValue()
na Newtonsoft.Json.JsonTextReader.Read()
na Newtonsoft.Json.Linq.JObject.Load(Newtonsoft.Json.JsonReader)
na Newtonsoft.Json.Linq.JObject.Parse(System.String)
na Vžum_Reloaded.FileDownloader.ZískejURL(System.String ByRef, System.String ByRef)
na Vžum_Reloaded.FileDownloader.Vlákno()
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()

Error: (07/27/2016 02:30:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Vžum.exe, verze: 1.0.6027.25238, časové razítko: 0x5777ad0f
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23418, časové razítko: 0x5708a89c
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000001a06d
ID chybujícího procesu: 0xdac
Čas spuštění chybující aplikace: 0xVžum.exe0
Cesta k chybující aplikaci: Vžum.exe1
Cesta k chybujícímu modulu: Vžum.exe2
ID zprávy: Vžum.exe3

Error: (07/27/2016 02:30:15 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: Vžum.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: Newtonsoft.Json.JsonReaderException
na Newtonsoft.Json.JsonTextReader.ParseValue()
na Newtonsoft.Json.JsonTextReader.Read()
na Newtonsoft.Json.Linq.JObject.Load(Newtonsoft.Json.JsonReader)
na Newtonsoft.Json.Linq.JObject.Parse(System.String)
na Vžum_Reloaded.FileDownloader.ZískejURL(System.String ByRef, System.String ByRef)
na Vžum_Reloaded.FileDownloader.Vlákno()
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()

Error: (07/27/2016 02:29:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Vžum.exe, verze: 1.0.6027.25238, časové razítko: 0x5777ad0f
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23418, časové razítko: 0x5708a89c
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000001a06d
ID chybujícího procesu: 0x1308
Čas spuštění chybující aplikace: 0xVžum.exe0
Cesta k chybující aplikaci: Vžum.exe1
Cesta k chybujícímu modulu: Vžum.exe2
ID zprávy: Vžum.exe3

Error: (07/27/2016 02:29:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: Vžum.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: Newtonsoft.Json.JsonReaderException
na Newtonsoft.Json.JsonTextReader.ParseValue()
na Newtonsoft.Json.JsonTextReader.Read()
na Newtonsoft.Json.Linq.JObject.Load(Newtonsoft.Json.JsonReader)
na Newtonsoft.Json.Linq.JObject.Parse(System.String)
na Vžum_Reloaded.FileDownloader.ZískejURL(System.String ByRef, System.String ByRef)
na Vžum_Reloaded.FileDownloader.Vlákno()
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()

Error: (07/24/2016 08:08:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cheatengine-x86_64.exe verze 6.4.0.4107 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1110

Čas spuštění: 01d1e57195404629

Čas ukončení: 50

Cesta k aplikaci: D:\!!! Ondra\Cheat Engine 6.4\cheatengine-x86_64.exe

ID hlášení: 09d2dfac-5165-11e6-897d-0016e63d6ef5

Error: (07/23/2016 12:36:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rundll32.exe, verze: 6.1.7600.16385, časové razítko: 0x4a5bc637
Název chybujícího modulu: SysMenu.dll, verze: 1.0.0.5, časové razítko: 0x52b449c7
Kód výjimky: 0xc0000005
Posun chyby: 0x0006ce5c
ID chybujícího procesu: 0x6c4
Čas spuštění chybující aplikace: 0xrundll32.exe0
Cesta k chybující aplikaci: rundll32.exe1
Cesta k chybujícímu modulu: rundll32.exe2
ID zprávy: rundll32.exe3

Error: (07/23/2016 07:59:56 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (07/22/2016 08:12:13 PM) (Source: MsiInstaller) (EventID: 11719) (User: )
Description: Product: Skype™ 7.25 -- Error 1719. The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

System errors:
=============
Error: (07/28/2016 06:35:44 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (07/27/2016 10:33:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba TightVNC Server byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (07/27/2016 10:33:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/26/2016 09:22:42 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom0.

Error: (07/26/2016 09:22:39 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom0.

Error: (07/26/2016 09:22:36 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom0.

Error: (07/26/2016 09:22:33 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom0.

Error: (07/26/2016 09:22:30 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom0.

Error: (07/26/2016 09:22:27 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom0.

Error: (07/25/2016 11:44:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ochrana softwaru neuspěla při spuštění v důsledku následující chyby:
%%1069 = Služba nebyla zahájena, protože se nepodařilo přihlásit.

CodeIntegrity:
===================================
Date: 2016-07-29 15:11:10.239
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-29 15:11:09.818
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-29 11:16:13.067
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-29 11:16:12.974
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-28 14:11:50.005
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-28 14:11:49.662
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-28 09:34:20.042
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-28 09:31:02.660
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-28 09:31:02.301
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-28 06:24:57.067
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) D CPU 2.80GHz
Percentage of memory in use: 37%
Total physical RAM: 3071.55 MB
Available physical RAM: 1922.03 MB
Total Virtual: 6141.29 MB
Available Virtual: 4898.95 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:73.14 GB) (Free:18.08 GB) NTFS
Drive d: (DATA) (Fixed) (Total:144.01 GB) (Free:109.57 GB) NTFS
Drive e: (PAGEFILE) (Fixed) (Total:15.62 GB) (Free:9.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=73.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=144 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================

Napiste mi velikost adresaru plochy (C:\Users\education\Plocha) a (C:\Users\Administrator\Plocha)

Vypnete trvale Windows Defender.

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-2757460864-126524720-2486629684-1000 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKU\S-1-5-21-2757460864-126524720-2486629684-1000 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
GroupPolicyUsers\S-1-5-21-2757460864-126524720-2486629684-1000\User: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-2757460864-126524720-2486629684-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

D:\Users\education\Plocha – 38 MB
C:\Users\Administrator\Plocha – 2,5 MB

Windows Defender vypnut

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-07-2016
Ran by Administrator (2016-07-30 09:50:25) Run:1
Running from D:\Users\education\Desktop
Loaded Profiles: education & Administrator (Available Profiles: education & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-2757460864-126524720-2486629684-1000 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKU\S-1-5-21-2757460864-126524720-2486629684-1000 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
GroupPolicyUsers\S-1-5-21-2757460864-126524720-2486629684-1000\User: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-2757460864-126524720-2486629684-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value removed successfully
HKU\S-1-5-21-2757460864-126524720-2486629684-1000 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION => restored successfully
HKU\S-1-5-21-2757460864-126524720-2486629684-1000 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION => restored successfully
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-2757460864-126524720-2486629684-1000\User => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKU\S-1-5-21-2757460864-126524720-2486629684-1000\SOFTWARE\Policies\Google" => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4485382 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 13846270 B
Edge => 0 B
Chrome => 163840 B
Firefox => 2246439 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 43298498 B
systemprofile32 => 72931 B
LocalService => 0 B
NetworkService => 78858 B
education => 237121631 B
UpdatusUser => 0 B
Administrator => 10528179 B

RecycleBin => -129 B
EmptyTemp: => 305.4 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 09:51:19 ====

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remove disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak to s pc vypada.

# DelFix v1.013 - Logfile created 30/07/2016 at 13:01:44
# Updated 17/04/2016 by Xplode
# Username : Administrator - TOMAS
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : \AdwCleaner
Deleted : C:\Users\Administrator\Desktop\JRT.txt
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########

PC je o hodně rychlejší
děkuju

jste fakt borec

Nemate zac!

Diky za pochvalu

Jede to tedy uz jak ma a muzem tema uzavrit, nebo je to sice rychlejsi, ale do normalu to ma jeste daleko a kouknem hloubeji?

Už je to v normálu. Téma můžeme uzavřít.

Ještě jednou díky

Super, nemate zac!

Mejte se a treba zase nekdy

VIRY.CZ

41 virů, zpomalený PC

Re: 41 virů, zpomalený PC

Re: 41 virů, zpomalený PC

Re: 41 virů, zpomalený PC

Re: 41 virů, zpomalený PC

Re: 41 virů, zpomalený PC

Re: 41 virů, zpomalený PC

Re: 41 virů, zpomalený PC

Re: 41 virů, zpomalený PC

Re: 41 virů, zpomalený PC

Re: 41 virů, zpomalený PC