Potřeboval bych rozlišit jestli jsem ulovil nějakou havěť nebo jestli jde o HW závadu. Už delší dobu se mi stává, že PC bootuje na několikáty pokus, případně se dlouho načíal windows. Dnes PC sice nabootval hned, ale po načítací obrazovce windows jsem se dostal na černou obrazovku s myší. Až do téhle chvíle jsem si myslel, že to HDD zabalil ale potom PC na několikátý pokus naběhl. Jenže ztratilo se mi nastavení z některých programů, "rozházeli" se mi ikony na ploše a po stisknutí jakéhokoliv tlačítka na ploše začne "hrabat" disk a na chvilku problikne fialová obrazovka. Tohle mě trochu znejistilo a chtěl bych se zeptat jestli je možné, že tohle dělá vada HW nebo jestli jsem chytil nějakou potvoru. Předem díky za odpověď.
Windows 8.1 64bit
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Černá obrazovka s myší po startu windows a další problémy
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Černá obrazovka s myší po startu windows a další problém
Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Černá obrazovka s myší po startu windows a další problém
Také zdravím
LOG dodám hned jak doběhne kontrola AVASTEM po restartu, doufám že to pak normálně naběhne, už je to skoro hotový (95%).
LOG dodám hned jak doběhne kontrola AVASTEM po restartu, doufám že to pak normálně naběhne, už je to skoro hotový (95%).
Re: Černá obrazovka s myší po startu windows a další problém
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by admin (administrator) on PC on 27-03-2015 23:28:16
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available profiles: admin)
Platform: Windows 8.1 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) D:\Programy\AVAST!\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) D:\Programy\AVAST!\avastui.exe
(Advanced Micro Devices Inc.) D:\drivers\AMD\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\uRage Reaper 3090 Gaming Mouse\Monitor.EXE
(ATI Technologies Inc.) D:\drivers\AMD\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => D:\Programy\AVAST!\AvastUI.exe [4085896 2014-08-29] (AVAST Software)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-01-30] (Raptr, Inc)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => D:\drivers\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [uRage Reaper 3090 Gaming Mouse] => C:\Program Files (x86)\uRage Reaper 3090 Gaming Mouse\Monitor.EXE [184320 2013-03-01] ()
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\...\Run: [Steam] => E:\Programy E\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\...\MountPoints2: {9251c8bc-c736-11e4-82e0-74d43587390d} - "F:\Autorun.exe"
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\...\MountPoints2: {9251c8d8-c736-11e4-82e0-74d43587390d} - "F:\Autorun.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Programy\AVAST!\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Programy\AVAST!\aswWebRepIE64.dll [2014-08-29] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Programy\Java\bin\ssv.dll [2014-12-28] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Programy\AVAST!\aswWebRepIE.dll [2014-08-29] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Programy\Java\bin\jp2ssv.dll [2014-12-28] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\849nkv7k.default
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: https://www.seznam.cz/?clid=22668
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-07-22] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> D:\Programy\Java\bin\dtplugin\npDeployJava1.dll [2014-12-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> D:\Programy\Java\bin\plugin2\npjp2.dll [2014-12-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-07-22] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\849nkv7k.default\searchplugins\seznam-avast.xml [2014-12-15]
FF Extension: Adblock Plus - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\849nkv7k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Programy\AVAST!\WebRep\FF
FF Extension: avast! Online Security - D:\Programy\AVAST!\WebRep\FF [2014-08-29]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-08-29]
CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-29]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-29]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-29]
CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-29]
CHR Extension: (Google Sheets) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-08-29]
CHR Extension: (Avast Online Security) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-29]
CHR Extension: (Google Wallet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-29]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Programy\AVAST!\WebRep\Chrome\aswWebRepChrome.crx [2014-08-29]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; D:\Programy\AVAST!\AvastSvc.exe [50344 2014-08-29] (AVAST Software)
S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324568 2014-06-23] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Origin Client Service; D:\Programy\Origin\OriginClientService.exe [1910128 2015-02-01] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-04] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
S3 Futuremark SystemInfo Service; "C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe" [X]
S2 MbnExt; E:\Programy E\Web'n'walk Manager\MbnExt.dll [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-29] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-29] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-29] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
S3 DIRECTIO; D:\Programy\PerformanceTest\DirectIo64.sys [31160 2014-04-24] ()
R3 GM3090Fltr; C:\Windows\system32\drivers\GM3090Fltr.sys [10752 2013-03-01] (LXD Development, Inc.)
S3 GPUZ; C:\Windows\TEMP\GPUZ.sys [27008 2014-12-23] ()
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-10-27] (LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [26528 2014-12-28] (REALiX(tm))
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 RTCore64; D:\Programy\MSI AB\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
S3 cpuz138; \??\C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; \SystemRoot\System32\drivers\ew_juextctrl.sys [X]
S3 huawei_wwanecm; \SystemRoot\system32\DRIVERS\ew_juwwanecm.sys [X]
S3 TRIXX; \??\C:\Users\admin\AppData\Local\Temp\TRIXX.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-27 23:28 - 2015-03-27 23:28 - 00016553 _____ () C:\Users\admin\Desktop\FRST.txt
2015-03-27 23:26 - 2015-03-27 23:28 - 00000000 ____D () C:\FRST
2015-03-27 23:25 - 2015-03-27 23:25 - 02095616 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2015-03-27 23:22 - 2015-03-27 23:23 - 00015327 _____ () C:\Users\admin\Desktop\LM.bat
2015-03-27 23:21 - 2015-03-27 23:23 - 00029696 _____ () C:\Users\admin\AppData\Local\MSGBOX.EXE
2015-03-27 23:21 - 2015-03-27 23:21 - 00112640 _____ (forum.viry.cz) C:\Users\admin\Desktop\FRSTLauncher.exe
2015-03-22 16:14 - 2015-03-22 16:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-15 15:47 - 2015-03-15 15:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2015-03-15 15:47 - 2015-03-15 15:47 - 00000000 ____D () C:\Program Files (x86)\Huawei
2015-03-15 15:47 - 2011-08-16 15:40 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2015-03-15 15:47 - 2011-08-16 15:40 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2015-03-15 13:41 - 2015-03-15 13:43 - 00000000 ____D () C:\Users\admin\Documents\InfiniteCrisis
2015-03-15 13:40 - 2015-03-15 13:41 - 00000000 ____D () C:\Users\admin\AppData\Local\InfiniteCrisis
2015-03-15 12:14 - 2015-03-15 12:14 - 00000000 ____D () C:\Users\admin\AppData\Local\Turbine
2015-03-15 12:11 - 2015-03-15 12:11 - 00000712 _____ () C:\Users\Public\Desktop\InfiniteCrisis.lnk
2015-03-15 12:11 - 2015-03-15 12:11 - 00000000 ____D () C:\ProgramData\Turbine
2015-03-15 12:11 - 2015-03-15 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis
2015-03-14 23:14 - 2015-03-14 23:18 - 00000000 ____D () C:\Users\admin\Documents\FIFA 15
2015-03-14 22:40 - 2015-03-14 22:40 - 00000802 _____ () C:\Users\Public\Desktop\FIFA 15.lnk
2015-03-10 16:02 - 2015-03-10 16:02 - 00005482 _____ () C:\Windows\DPINST.LOG
2015-03-10 16:02 - 2015-03-10 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uRage Reaper 3090 Gaming Mouse
2015-03-10 16:02 - 2015-03-10 16:02 - 00000000 ____D () C:\Program Files (x86)\uRage Reaper 3090 Gaming Mouse
2015-03-10 16:02 - 2013-03-01 09:34 - 00010752 _____ (LXD Development, Inc.) C:\Windows\system32\Drivers\GM3090Fltr.sys
2015-03-07 17:16 - 2015-03-07 17:16 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2015-03-07 17:12 - 2015-03-07 17:12 - 36210245 _____ () C:\Users\admin\Desktop\MSIAfterburnerSetup410.zip
2015-03-01 13:34 - 2015-03-01 13:34 - 00286104 _____ () C:\Windows\Minidump\030115-14218-01.dmp
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-27 23:22 - 2014-09-12 18:25 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-27 23:20 - 2014-08-29 17:54 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-27 23:11 - 2014-09-09 20:51 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-03-27 23:09 - 2014-09-09 15:16 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Raptr
2015-03-27 23:06 - 2014-08-29 17:54 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-27 23:05 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-27 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-27 21:59 - 2014-09-09 15:40 - 00000000 ____D () C:\Users\admin\Desktop\HRY
2015-03-27 21:59 - 2014-08-29 18:20 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Skype
2015-03-27 20:40 - 2013-09-30 05:20 - 01745984 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-27 20:40 - 2013-09-30 04:57 - 00738682 _____ () C:\Windows\system32\perfh005.dat
2015-03-27 20:40 - 2013-09-30 04:57 - 00151404 _____ () C:\Windows\system32\perfc005.dat
2015-03-27 20:17 - 2013-09-30 04:36 - 00000000 ____D () C:\Users\admin
2015-03-27 17:24 - 2013-09-30 04:36 - 01586484 _____ () C:\Windows\WindowsUpdate.log
2015-03-23 06:49 - 2014-08-29 17:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-23 06:49 - 2013-09-29 20:09 - 00015724 _____ () C:\Windows\PFRO.log
2015-03-21 03:29 - 2013-09-30 04:42 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-563994795-3044226750-2151014467-1001
2015-03-21 01:22 - 2014-08-29 17:54 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-18 22:32 - 2014-11-01 13:28 - 00000957 _____ () C:\Users\admin\Desktop\a0bf4dbf-8bec-420c-aff0-7eb0b7980f78.dmp
2015-03-17 14:09 - 2014-09-09 15:29 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-03-16 06:35 - 2015-01-27 18:59 - 00004832 _____ () C:\Windows\setupact.log
2015-03-15 13:40 - 2014-10-19 09:17 - 00000000 ____D () C:\Users\admin\Documents\OpenTTD
2015-03-15 12:12 - 2014-09-09 15:30 - 00203105 _____ () C:\Windows\DirectX.log
2015-03-14 22:40 - 2014-09-13 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2015-03-14 10:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-13 18:11 - 2014-08-29 18:11 - 00004144 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-10 16:02 - 2014-09-12 14:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-08 21:02 - 2014-09-11 16:38 - 01065984 _____ () C:\Users\admin\AppData\Local\file__0.localstorage
2015-03-08 20:06 - 2014-08-29 17:56 - 00000000 ___RD () C:\Users\admin\Desktop\Programy
2015-03-08 03:53 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-07 17:16 - 2014-09-09 15:29 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-03-01 13:34 - 2014-09-19 00:01 - 00000000 ____D () C:\Windows\Minidump
==================== Files in the root of some directories =======
2014-09-29 16:32 - 2014-09-29 18:46 - 0000034 _____ () C:\Users\admin\AppData\Roaming\AdobeWLCMCache.dat
2014-09-11 16:38 - 2015-03-08 21:02 - 1065984 _____ () C:\Users\admin\AppData\Local\file__0.localstorage
2015-03-27 23:21 - 2015-03-27 23:23 - 0029696 _____ () C:\Users\admin\AppData\Local\MSGBOX.EXE
2014-09-14 08:53 - 2014-10-19 09:49 - 0007597 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg
2014-11-30 18:07 - 2014-11-30 18:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-24 16:53
==================== End Of Log ============================
Ran by admin (administrator) on PC on 27-03-2015 23:28:16
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available profiles: admin)
Platform: Windows 8.1 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) D:\Programy\AVAST!\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) D:\Programy\AVAST!\avastui.exe
(Advanced Micro Devices Inc.) D:\drivers\AMD\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\uRage Reaper 3090 Gaming Mouse\Monitor.EXE
(ATI Technologies Inc.) D:\drivers\AMD\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => D:\Programy\AVAST!\AvastUI.exe [4085896 2014-08-29] (AVAST Software)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-01-30] (Raptr, Inc)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => D:\drivers\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [uRage Reaper 3090 Gaming Mouse] => C:\Program Files (x86)\uRage Reaper 3090 Gaming Mouse\Monitor.EXE [184320 2013-03-01] ()
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\...\Run: [Steam] => E:\Programy E\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\...\MountPoints2: {9251c8bc-c736-11e4-82e0-74d43587390d} - "F:\Autorun.exe"
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\...\MountPoints2: {9251c8d8-c736-11e4-82e0-74d43587390d} - "F:\Autorun.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Programy\AVAST!\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Programy\AVAST!\aswWebRepIE64.dll [2014-08-29] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Programy\Java\bin\ssv.dll [2014-12-28] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Programy\AVAST!\aswWebRepIE.dll [2014-08-29] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Programy\Java\bin\jp2ssv.dll [2014-12-28] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\849nkv7k.default
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: https://www.seznam.cz/?clid=22668
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-07-22] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> D:\Programy\Java\bin\dtplugin\npDeployJava1.dll [2014-12-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> D:\Programy\Java\bin\plugin2\npjp2.dll [2014-12-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-07-22] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\849nkv7k.default\searchplugins\seznam-avast.xml [2014-12-15]
FF Extension: Adblock Plus - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\849nkv7k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Programy\AVAST!\WebRep\FF
FF Extension: avast! Online Security - D:\Programy\AVAST!\WebRep\FF [2014-08-29]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-08-29]
CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-29]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-29]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-29]
CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-29]
CHR Extension: (Google Sheets) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-08-29]
CHR Extension: (Avast Online Security) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-29]
CHR Extension: (Google Wallet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-29]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Programy\AVAST!\WebRep\Chrome\aswWebRepChrome.crx [2014-08-29]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; D:\Programy\AVAST!\AvastSvc.exe [50344 2014-08-29] (AVAST Software)
S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324568 2014-06-23] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Origin Client Service; D:\Programy\Origin\OriginClientService.exe [1910128 2015-02-01] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-04] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
S3 Futuremark SystemInfo Service; "C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe" [X]
S2 MbnExt; E:\Programy E\Web'n'walk Manager\MbnExt.dll [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-29] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-29] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-29] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
S3 DIRECTIO; D:\Programy\PerformanceTest\DirectIo64.sys [31160 2014-04-24] ()
R3 GM3090Fltr; C:\Windows\system32\drivers\GM3090Fltr.sys [10752 2013-03-01] (LXD Development, Inc.)
S3 GPUZ; C:\Windows\TEMP\GPUZ.sys [27008 2014-12-23] ()
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-10-27] (LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [26528 2014-12-28] (REALiX(tm))
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 RTCore64; D:\Programy\MSI AB\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
S3 cpuz138; \??\C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; \SystemRoot\System32\drivers\ew_juextctrl.sys [X]
S3 huawei_wwanecm; \SystemRoot\system32\DRIVERS\ew_juwwanecm.sys [X]
S3 TRIXX; \??\C:\Users\admin\AppData\Local\Temp\TRIXX.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-27 23:28 - 2015-03-27 23:28 - 00016553 _____ () C:\Users\admin\Desktop\FRST.txt
2015-03-27 23:26 - 2015-03-27 23:28 - 00000000 ____D () C:\FRST
2015-03-27 23:25 - 2015-03-27 23:25 - 02095616 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2015-03-27 23:22 - 2015-03-27 23:23 - 00015327 _____ () C:\Users\admin\Desktop\LM.bat
2015-03-27 23:21 - 2015-03-27 23:23 - 00029696 _____ () C:\Users\admin\AppData\Local\MSGBOX.EXE
2015-03-27 23:21 - 2015-03-27 23:21 - 00112640 _____ (forum.viry.cz) C:\Users\admin\Desktop\FRSTLauncher.exe
2015-03-22 16:14 - 2015-03-22 16:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-15 15:47 - 2015-03-15 15:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2015-03-15 15:47 - 2015-03-15 15:47 - 00000000 ____D () C:\Program Files (x86)\Huawei
2015-03-15 15:47 - 2011-08-16 15:40 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2015-03-15 15:47 - 2011-08-16 15:40 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2015-03-15 13:41 - 2015-03-15 13:43 - 00000000 ____D () C:\Users\admin\Documents\InfiniteCrisis
2015-03-15 13:40 - 2015-03-15 13:41 - 00000000 ____D () C:\Users\admin\AppData\Local\InfiniteCrisis
2015-03-15 12:14 - 2015-03-15 12:14 - 00000000 ____D () C:\Users\admin\AppData\Local\Turbine
2015-03-15 12:11 - 2015-03-15 12:11 - 00000712 _____ () C:\Users\Public\Desktop\InfiniteCrisis.lnk
2015-03-15 12:11 - 2015-03-15 12:11 - 00000000 ____D () C:\ProgramData\Turbine
2015-03-15 12:11 - 2015-03-15 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis
2015-03-14 23:14 - 2015-03-14 23:18 - 00000000 ____D () C:\Users\admin\Documents\FIFA 15
2015-03-14 22:40 - 2015-03-14 22:40 - 00000802 _____ () C:\Users\Public\Desktop\FIFA 15.lnk
2015-03-10 16:02 - 2015-03-10 16:02 - 00005482 _____ () C:\Windows\DPINST.LOG
2015-03-10 16:02 - 2015-03-10 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uRage Reaper 3090 Gaming Mouse
2015-03-10 16:02 - 2015-03-10 16:02 - 00000000 ____D () C:\Program Files (x86)\uRage Reaper 3090 Gaming Mouse
2015-03-10 16:02 - 2013-03-01 09:34 - 00010752 _____ (LXD Development, Inc.) C:\Windows\system32\Drivers\GM3090Fltr.sys
2015-03-07 17:16 - 2015-03-07 17:16 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2015-03-07 17:12 - 2015-03-07 17:12 - 36210245 _____ () C:\Users\admin\Desktop\MSIAfterburnerSetup410.zip
2015-03-01 13:34 - 2015-03-01 13:34 - 00286104 _____ () C:\Windows\Minidump\030115-14218-01.dmp
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-27 23:22 - 2014-09-12 18:25 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-27 23:20 - 2014-08-29 17:54 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-27 23:11 - 2014-09-09 20:51 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-03-27 23:09 - 2014-09-09 15:16 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Raptr
2015-03-27 23:06 - 2014-08-29 17:54 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-27 23:05 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-27 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-27 21:59 - 2014-09-09 15:40 - 00000000 ____D () C:\Users\admin\Desktop\HRY
2015-03-27 21:59 - 2014-08-29 18:20 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Skype
2015-03-27 20:40 - 2013-09-30 05:20 - 01745984 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-27 20:40 - 2013-09-30 04:57 - 00738682 _____ () C:\Windows\system32\perfh005.dat
2015-03-27 20:40 - 2013-09-30 04:57 - 00151404 _____ () C:\Windows\system32\perfc005.dat
2015-03-27 20:17 - 2013-09-30 04:36 - 00000000 ____D () C:\Users\admin
2015-03-27 17:24 - 2013-09-30 04:36 - 01586484 _____ () C:\Windows\WindowsUpdate.log
2015-03-23 06:49 - 2014-08-29 17:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-23 06:49 - 2013-09-29 20:09 - 00015724 _____ () C:\Windows\PFRO.log
2015-03-21 03:29 - 2013-09-30 04:42 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-563994795-3044226750-2151014467-1001
2015-03-21 01:22 - 2014-08-29 17:54 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-18 22:32 - 2014-11-01 13:28 - 00000957 _____ () C:\Users\admin\Desktop\a0bf4dbf-8bec-420c-aff0-7eb0b7980f78.dmp
2015-03-17 14:09 - 2014-09-09 15:29 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-03-16 06:35 - 2015-01-27 18:59 - 00004832 _____ () C:\Windows\setupact.log
2015-03-15 13:40 - 2014-10-19 09:17 - 00000000 ____D () C:\Users\admin\Documents\OpenTTD
2015-03-15 12:12 - 2014-09-09 15:30 - 00203105 _____ () C:\Windows\DirectX.log
2015-03-14 22:40 - 2014-09-13 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2015-03-14 10:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-13 18:11 - 2014-08-29 18:11 - 00004144 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-10 16:02 - 2014-09-12 14:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-08 21:02 - 2014-09-11 16:38 - 01065984 _____ () C:\Users\admin\AppData\Local\file__0.localstorage
2015-03-08 20:06 - 2014-08-29 17:56 - 00000000 ___RD () C:\Users\admin\Desktop\Programy
2015-03-08 03:53 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-07 17:16 - 2014-09-09 15:29 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-03-01 13:34 - 2014-09-19 00:01 - 00000000 ____D () C:\Windows\Minidump
==================== Files in the root of some directories =======
2014-09-29 16:32 - 2014-09-29 18:46 - 0000034 _____ () C:\Users\admin\AppData\Roaming\AdobeWLCMCache.dat
2014-09-11 16:38 - 2015-03-08 21:02 - 1065984 _____ () C:\Users\admin\AppData\Local\file__0.localstorage
2015-03-27 23:21 - 2015-03-27 23:23 - 0029696 _____ () C:\Users\admin\AppData\Local\MSGBOX.EXE
2014-09-14 08:53 - 2014-10-19 09:49 - 0007597 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg
2014-11-30 18:07 - 2014-11-30 18:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-24 16:53
==================== End Of Log ============================
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Černá obrazovka s myší po startu windows a další problém
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve >Scan< a potom na >Clean< (smazat)
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Černá obrazovka s myší po startu windows a další problém
# AdwCleaner v4.112 - Logfile created 28/03/2015 at 11:45:01
# Updated 09/03/2015 by Xplode
# Database : 2015-03-27.1 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : admin - PC
# Running from : C:\Users\admin\Desktop\adwcleaner_4.112.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\admin\AppData\Roaming\WebExtend
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17037
-\\ Mozilla Firefox v36.0.4 (x86 cs)
-\\ Google Chrome v41.0.2272.101
*************************
AdwCleaner[R0].txt - [1427 bytes] - [28/03/2015 11:37:17]
AdwCleaner[S0].txt - [1273 bytes] - [28/03/2015 11:45:01]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1332 bytes] ##########
# Updated 09/03/2015 by Xplode
# Database : 2015-03-27.1 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : admin - PC
# Running from : C:\Users\admin\Desktop\adwcleaner_4.112.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\admin\AppData\Roaming\WebExtend
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17037
-\\ Mozilla Firefox v36.0.4 (x86 cs)
-\\ Google Chrome v41.0.2272.101
*************************
AdwCleaner[R0].txt - [1427 bytes] - [28/03/2015 11:37:17]
AdwCleaner[S0].txt - [1273 bytes] - [28/03/2015 11:45:01]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1332 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Černá obrazovka s myší po startu windows a další problém
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Černá obrazovka s myší po startu windows a další problém
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by admin (administrator) on PC on 28-03-2015 13:17:13
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available profiles: admin)
Platform: Windows 8.1 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) D:\Programy\AVAST!\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) D:\Programy\AVAST!\avastui.exe
(Advanced Micro Devices Inc.) D:\drivers\AMD\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\uRage Reaper 3090 Gaming Mouse\Monitor.EXE
(ATI Technologies Inc.) D:\drivers\AMD\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => D:\Programy\AVAST!\AvastUI.exe [4085896 2014-08-29] (AVAST Software)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-03-25] (Raptr, Inc)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => D:\drivers\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [uRage Reaper 3090 Gaming Mouse] => C:\Program Files (x86)\uRage Reaper 3090 Gaming Mouse\Monitor.EXE [184320 2013-03-01] ()
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\...\Run: [Steam] => E:\Programy E\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\...\MountPoints2: {9251c8bc-c736-11e4-82e0-74d43587390d} - "F:\Autorun.exe"
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\...\MountPoints2: {9251c8d8-c736-11e4-82e0-74d43587390d} - "F:\Autorun.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Programy\AVAST!\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Programy\AVAST!\aswWebRepIE64.dll [2014-08-29] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Programy\Java\bin\ssv.dll [2014-12-28] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Programy\AVAST!\aswWebRepIE.dll [2014-08-29] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Programy\Java\bin\jp2ssv.dll [2014-12-28] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\849nkv7k.default
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: https://www.seznam.cz/?clid=22668
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> D:\Programy\Java\bin\dtplugin\npDeployJava1.dll [2014-12-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> D:\Programy\Java\bin\plugin2\npjp2.dll [2014-12-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\849nkv7k.default\searchplugins\seznam-avast.xml [2014-12-15]
FF Extension: Adblock Plus - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\849nkv7k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Programy\AVAST!\WebRep\FF
FF Extension: avast! Online Security - D:\Programy\AVAST!\WebRep\FF [2014-08-29]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-08-29]
CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-29]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-29]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-29]
CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-29]
CHR Extension: (Google Sheets) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-08-29]
CHR Extension: (Avast Online Security) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-29]
CHR Extension: (Google Wallet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-29]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Programy\AVAST!\WebRep\Chrome\aswWebRepChrome.crx [2014-08-29]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; D:\Programy\AVAST!\AvastSvc.exe [50344 2014-08-29] (AVAST Software)
S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324568 2014-06-23] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Origin Client Service; D:\Programy\Origin\OriginClientService.exe [1910128 2015-02-01] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-04] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
S3 Futuremark SystemInfo Service; "C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe" [X]
S2 MbnExt; E:\Programy E\Web'n'walk Manager\MbnExt.dll [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-29] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-29] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
S3 DIRECTIO; D:\Programy\PerformanceTest\DirectIo64.sys [31160 2014-04-24] ()
R3 GM3090Fltr; C:\Windows\system32\drivers\GM3090Fltr.sys [10752 2013-03-01] (LXD Development, Inc.)
S3 GPUZ; C:\Windows\TEMP\GPUZ.sys [27008 2014-12-23] ()
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-10-27] (LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [26528 2014-12-28] (REALiX(tm))
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 RTCore64; D:\Programy\MSI AB\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
S3 cpuz138; \??\C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; \SystemRoot\System32\drivers\ew_juextctrl.sys [X]
S3 huawei_wwanecm; \SystemRoot\system32\DRIVERS\ew_juwwanecm.sys [X]
S3 TRIXX; \??\C:\Users\admin\AppData\Local\Temp\TRIXX.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-28 13:17 - 2015-03-28 13:17 - 00016157 _____ () C:\Users\admin\Desktop\FRST.txt
2015-03-28 11:37 - 2015-03-28 11:45 - 00000000 ____D () C:\AdwCleaner
2015-03-28 11:36 - 2015-03-28 11:36 - 02171392 _____ () C:\Users\admin\Desktop\adwcleaner_4.112.exe
2015-03-27 23:26 - 2015-03-28 13:17 - 00000000 ____D () C:\FRST
2015-03-27 23:25 - 2015-03-27 23:25 - 02095616 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2015-03-27 23:21 - 2015-03-27 23:23 - 00029696 _____ () C:\Users\admin\AppData\Local\MSGBOX.EXE
2015-03-22 16:14 - 2015-03-22 16:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-15 15:47 - 2015-03-15 15:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2015-03-15 15:47 - 2015-03-15 15:47 - 00000000 ____D () C:\Program Files (x86)\Huawei
2015-03-15 15:47 - 2011-08-16 15:40 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2015-03-15 15:47 - 2011-08-16 15:40 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2015-03-15 13:41 - 2015-03-15 13:43 - 00000000 ____D () C:\Users\admin\Documents\InfiniteCrisis
2015-03-15 13:40 - 2015-03-15 13:41 - 00000000 ____D () C:\Users\admin\AppData\Local\InfiniteCrisis
2015-03-15 12:14 - 2015-03-15 12:14 - 00000000 ____D () C:\Users\admin\AppData\Local\Turbine
2015-03-15 12:11 - 2015-03-15 12:11 - 00000712 _____ () C:\Users\Public\Desktop\InfiniteCrisis.lnk
2015-03-15 12:11 - 2015-03-15 12:11 - 00000000 ____D () C:\ProgramData\Turbine
2015-03-15 12:11 - 2015-03-15 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis
2015-03-14 23:14 - 2015-03-14 23:18 - 00000000 ____D () C:\Users\admin\Documents\FIFA 15
2015-03-14 22:40 - 2015-03-14 22:40 - 00000802 _____ () C:\Users\Public\Desktop\FIFA 15.lnk
2015-03-10 16:02 - 2015-03-10 16:02 - 00005482 _____ () C:\Windows\DPINST.LOG
2015-03-10 16:02 - 2015-03-10 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uRage Reaper 3090 Gaming Mouse
2015-03-10 16:02 - 2015-03-10 16:02 - 00000000 ____D () C:\Program Files (x86)\uRage Reaper 3090 Gaming Mouse
2015-03-10 16:02 - 2013-03-01 09:34 - 00010752 _____ (LXD Development, Inc.) C:\Windows\system32\Drivers\GM3090Fltr.sys
2015-03-08 17:21 - 2015-03-18 22:31 - 00000008 _____ () C:\Users\admin\Desktop\RIP.txt
2015-03-07 17:16 - 2015-03-07 17:16 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2015-03-01 13:34 - 2015-03-01 13:34 - 00286104 _____ () C:\Windows\Minidump\030115-14218-01.dmp
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-28 12:59 - 2014-09-09 15:40 - 00000000 ____D () C:\Users\admin\Desktop\HRY
2015-03-28 12:22 - 2014-09-12 18:25 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-28 12:20 - 2014-08-29 17:54 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-28 12:05 - 2013-09-30 04:36 - 01610229 _____ () C:\Windows\WindowsUpdate.log
2015-03-28 12:03 - 2013-09-30 04:42 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-563994795-3044226750-2151014467-1001
2015-03-28 12:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-28 11:54 - 2014-09-09 20:51 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-03-28 11:51 - 2014-09-09 15:16 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Raptr
2015-03-28 11:51 - 2014-09-09 15:16 - 00000000 ____D () C:\Program Files (x86)\Raptr
2015-03-28 11:46 - 2014-08-29 17:54 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-28 11:46 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-27 23:44 - 2014-09-29 16:30 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-27 23:44 - 2013-09-30 04:36 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Adobe
2015-03-27 21:59 - 2014-08-29 18:20 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Skype
2015-03-27 20:40 - 2013-09-30 05:20 - 01745984 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-27 20:40 - 2013-09-30 04:57 - 00738682 _____ () C:\Windows\system32\perfh005.dat
2015-03-27 20:40 - 2013-09-30 04:57 - 00151404 _____ () C:\Windows\system32\perfc005.dat
2015-03-27 20:17 - 2013-09-30 04:36 - 00000000 ____D () C:\Users\admin
2015-03-23 06:49 - 2014-08-29 17:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-23 06:49 - 2013-09-29 20:09 - 00015724 _____ () C:\Windows\PFRO.log
2015-03-21 01:22 - 2014-08-29 17:54 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-18 22:32 - 2014-11-01 13:28 - 00000957 _____ () C:\Users\admin\Desktop\a0bf4dbf-8bec-420c-aff0-7eb0b7980f78.dmp
2015-03-17 14:09 - 2014-09-09 15:29 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-03-16 06:35 - 2015-01-27 18:59 - 00004832 _____ () C:\Windows\setupact.log
2015-03-15 13:40 - 2014-10-19 09:17 - 00000000 ____D () C:\Users\admin\Documents\OpenTTD
2015-03-15 12:12 - 2014-09-09 15:30 - 00203105 _____ () C:\Windows\DirectX.log
2015-03-14 22:40 - 2014-09-13 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2015-03-14 10:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-13 18:11 - 2014-08-29 18:11 - 00004144 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-10 16:02 - 2014-09-12 14:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-08 21:02 - 2014-09-11 16:38 - 01065984 _____ () C:\Users\admin\AppData\Local\file__0.localstorage
2015-03-08 20:06 - 2014-08-29 17:56 - 00000000 ___RD () C:\Users\admin\Desktop\Programy
2015-03-08 03:53 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-07 17:16 - 2014-09-09 15:29 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-03-01 13:34 - 2014-09-19 00:01 - 00000000 ____D () C:\Windows\Minidump
==================== Files in the root of some directories =======
2014-09-29 16:32 - 2014-09-29 18:46 - 0000034 _____ () C:\Users\admin\AppData\Roaming\AdobeWLCMCache.dat
2014-09-11 16:38 - 2015-03-08 21:02 - 1065984 _____ () C:\Users\admin\AppData\Local\file__0.localstorage
2015-03-27 23:21 - 2015-03-27 23:23 - 0029696 _____ () C:\Users\admin\AppData\Local\MSGBOX.EXE
2014-09-14 08:53 - 2014-10-19 09:49 - 0007597 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg
2014-11-30 18:07 - 2014-11-30 18:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\Quarantine.exe
C:\Users\admin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\admin\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-24 16:53
==================== End Of Log ============================
Ran by admin (administrator) on PC on 28-03-2015 13:17:13
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available profiles: admin)
Platform: Windows 8.1 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) D:\Programy\AVAST!\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) D:\Programy\AVAST!\avastui.exe
(Advanced Micro Devices Inc.) D:\drivers\AMD\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\uRage Reaper 3090 Gaming Mouse\Monitor.EXE
(ATI Technologies Inc.) D:\drivers\AMD\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => D:\Programy\AVAST!\AvastUI.exe [4085896 2014-08-29] (AVAST Software)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-03-25] (Raptr, Inc)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => D:\drivers\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [uRage Reaper 3090 Gaming Mouse] => C:\Program Files (x86)\uRage Reaper 3090 Gaming Mouse\Monitor.EXE [184320 2013-03-01] ()
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\...\Run: [Steam] => E:\Programy E\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\...\MountPoints2: {9251c8bc-c736-11e4-82e0-74d43587390d} - "F:\Autorun.exe"
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\...\MountPoints2: {9251c8d8-c736-11e4-82e0-74d43587390d} - "F:\Autorun.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Programy\AVAST!\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Programy\AVAST!\aswWebRepIE64.dll [2014-08-29] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Programy\Java\bin\ssv.dll [2014-12-28] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Programy\AVAST!\aswWebRepIE.dll [2014-08-29] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Programy\Java\bin\jp2ssv.dll [2014-12-28] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\849nkv7k.default
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: https://www.seznam.cz/?clid=22668
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> D:\Programy\Java\bin\dtplugin\npDeployJava1.dll [2014-12-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> D:\Programy\Java\bin\plugin2\npjp2.dll [2014-12-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\849nkv7k.default\searchplugins\seznam-avast.xml [2014-12-15]
FF Extension: Adblock Plus - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\849nkv7k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Programy\AVAST!\WebRep\FF
FF Extension: avast! Online Security - D:\Programy\AVAST!\WebRep\FF [2014-08-29]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-08-29]
CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-29]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-29]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-29]
CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-29]
CHR Extension: (Google Sheets) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-08-29]
CHR Extension: (Avast Online Security) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-29]
CHR Extension: (Google Wallet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-29]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Programy\AVAST!\WebRep\Chrome\aswWebRepChrome.crx [2014-08-29]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; D:\Programy\AVAST!\AvastSvc.exe [50344 2014-08-29] (AVAST Software)
S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324568 2014-06-23] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Origin Client Service; D:\Programy\Origin\OriginClientService.exe [1910128 2015-02-01] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-04] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
S3 Futuremark SystemInfo Service; "C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe" [X]
S2 MbnExt; E:\Programy E\Web'n'walk Manager\MbnExt.dll [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-29] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-29] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
S3 DIRECTIO; D:\Programy\PerformanceTest\DirectIo64.sys [31160 2014-04-24] ()
R3 GM3090Fltr; C:\Windows\system32\drivers\GM3090Fltr.sys [10752 2013-03-01] (LXD Development, Inc.)
S3 GPUZ; C:\Windows\TEMP\GPUZ.sys [27008 2014-12-23] ()
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-10-27] (LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [26528 2014-12-28] (REALiX(tm))
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 RTCore64; D:\Programy\MSI AB\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
S3 cpuz138; \??\C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; \SystemRoot\System32\drivers\ew_juextctrl.sys [X]
S3 huawei_wwanecm; \SystemRoot\system32\DRIVERS\ew_juwwanecm.sys [X]
S3 TRIXX; \??\C:\Users\admin\AppData\Local\Temp\TRIXX.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-28 13:17 - 2015-03-28 13:17 - 00016157 _____ () C:\Users\admin\Desktop\FRST.txt
2015-03-28 11:37 - 2015-03-28 11:45 - 00000000 ____D () C:\AdwCleaner
2015-03-28 11:36 - 2015-03-28 11:36 - 02171392 _____ () C:\Users\admin\Desktop\adwcleaner_4.112.exe
2015-03-27 23:26 - 2015-03-28 13:17 - 00000000 ____D () C:\FRST
2015-03-27 23:25 - 2015-03-27 23:25 - 02095616 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2015-03-27 23:21 - 2015-03-27 23:23 - 00029696 _____ () C:\Users\admin\AppData\Local\MSGBOX.EXE
2015-03-22 16:14 - 2015-03-22 16:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-15 15:47 - 2015-03-15 15:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2015-03-15 15:47 - 2015-03-15 15:47 - 00000000 ____D () C:\Program Files (x86)\Huawei
2015-03-15 15:47 - 2011-08-16 15:40 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2015-03-15 15:47 - 2011-08-16 15:40 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2015-03-15 13:41 - 2015-03-15 13:43 - 00000000 ____D () C:\Users\admin\Documents\InfiniteCrisis
2015-03-15 13:40 - 2015-03-15 13:41 - 00000000 ____D () C:\Users\admin\AppData\Local\InfiniteCrisis
2015-03-15 12:14 - 2015-03-15 12:14 - 00000000 ____D () C:\Users\admin\AppData\Local\Turbine
2015-03-15 12:11 - 2015-03-15 12:11 - 00000712 _____ () C:\Users\Public\Desktop\InfiniteCrisis.lnk
2015-03-15 12:11 - 2015-03-15 12:11 - 00000000 ____D () C:\ProgramData\Turbine
2015-03-15 12:11 - 2015-03-15 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis
2015-03-14 23:14 - 2015-03-14 23:18 - 00000000 ____D () C:\Users\admin\Documents\FIFA 15
2015-03-14 22:40 - 2015-03-14 22:40 - 00000802 _____ () C:\Users\Public\Desktop\FIFA 15.lnk
2015-03-10 16:02 - 2015-03-10 16:02 - 00005482 _____ () C:\Windows\DPINST.LOG
2015-03-10 16:02 - 2015-03-10 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uRage Reaper 3090 Gaming Mouse
2015-03-10 16:02 - 2015-03-10 16:02 - 00000000 ____D () C:\Program Files (x86)\uRage Reaper 3090 Gaming Mouse
2015-03-10 16:02 - 2013-03-01 09:34 - 00010752 _____ (LXD Development, Inc.) C:\Windows\system32\Drivers\GM3090Fltr.sys
2015-03-08 17:21 - 2015-03-18 22:31 - 00000008 _____ () C:\Users\admin\Desktop\RIP.txt
2015-03-07 17:16 - 2015-03-07 17:16 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2015-03-01 13:34 - 2015-03-01 13:34 - 00286104 _____ () C:\Windows\Minidump\030115-14218-01.dmp
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-28 12:59 - 2014-09-09 15:40 - 00000000 ____D () C:\Users\admin\Desktop\HRY
2015-03-28 12:22 - 2014-09-12 18:25 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-28 12:20 - 2014-08-29 17:54 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-28 12:05 - 2013-09-30 04:36 - 01610229 _____ () C:\Windows\WindowsUpdate.log
2015-03-28 12:03 - 2013-09-30 04:42 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-563994795-3044226750-2151014467-1001
2015-03-28 12:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-28 11:54 - 2014-09-09 20:51 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-03-28 11:51 - 2014-09-09 15:16 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Raptr
2015-03-28 11:51 - 2014-09-09 15:16 - 00000000 ____D () C:\Program Files (x86)\Raptr
2015-03-28 11:46 - 2014-08-29 17:54 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-28 11:46 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-27 23:44 - 2014-09-29 16:30 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-27 23:44 - 2013-09-30 04:36 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Adobe
2015-03-27 21:59 - 2014-08-29 18:20 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Skype
2015-03-27 20:40 - 2013-09-30 05:20 - 01745984 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-27 20:40 - 2013-09-30 04:57 - 00738682 _____ () C:\Windows\system32\perfh005.dat
2015-03-27 20:40 - 2013-09-30 04:57 - 00151404 _____ () C:\Windows\system32\perfc005.dat
2015-03-27 20:17 - 2013-09-30 04:36 - 00000000 ____D () C:\Users\admin
2015-03-23 06:49 - 2014-08-29 17:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-23 06:49 - 2013-09-29 20:09 - 00015724 _____ () C:\Windows\PFRO.log
2015-03-21 01:22 - 2014-08-29 17:54 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-18 22:32 - 2014-11-01 13:28 - 00000957 _____ () C:\Users\admin\Desktop\a0bf4dbf-8bec-420c-aff0-7eb0b7980f78.dmp
2015-03-17 14:09 - 2014-09-09 15:29 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-03-16 06:35 - 2015-01-27 18:59 - 00004832 _____ () C:\Windows\setupact.log
2015-03-15 13:40 - 2014-10-19 09:17 - 00000000 ____D () C:\Users\admin\Documents\OpenTTD
2015-03-15 12:12 - 2014-09-09 15:30 - 00203105 _____ () C:\Windows\DirectX.log
2015-03-14 22:40 - 2014-09-13 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2015-03-14 10:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-13 18:11 - 2014-08-29 18:11 - 00004144 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-10 16:02 - 2014-09-12 14:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-08 21:02 - 2014-09-11 16:38 - 01065984 _____ () C:\Users\admin\AppData\Local\file__0.localstorage
2015-03-08 20:06 - 2014-08-29 17:56 - 00000000 ___RD () C:\Users\admin\Desktop\Programy
2015-03-08 03:53 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-07 17:16 - 2014-09-09 15:29 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-03-01 13:34 - 2014-09-19 00:01 - 00000000 ____D () C:\Windows\Minidump
==================== Files in the root of some directories =======
2014-09-29 16:32 - 2014-09-29 18:46 - 0000034 _____ () C:\Users\admin\AppData\Roaming\AdobeWLCMCache.dat
2014-09-11 16:38 - 2015-03-08 21:02 - 1065984 _____ () C:\Users\admin\AppData\Local\file__0.localstorage
2015-03-27 23:21 - 2015-03-27 23:23 - 0029696 _____ () C:\Users\admin\AppData\Local\MSGBOX.EXE
2014-09-14 08:53 - 2014-10-19 09:49 - 0007597 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg
2014-11-30 18:07 - 2014-11-30 18:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\Quarantine.exe
C:\Users\admin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\admin\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-24 16:53
==================== End Of Log ============================
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Černá obrazovka s myší po startu windows a další problém
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\...\MountPoints2: {9251c8bc-c736-11e4-82e0-74d43587390d} - "F:\Autorun.exe"
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\...\MountPoints2: {9251c8d8-c736-11e4-82e0-74d43587390d} - "F:\Autorun.exe"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
S3 TRIXX; \??\C:\Users\admin\AppData\Local\Temp\TRIXX.sys [X]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\System32\Tasks\AutoKMS
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
C:\Users\admin\AppData\Local\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Černá obrazovka s myší po startu windows a další problém
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by admin at 2015-03-28 19:55:11 Run:1
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available profiles: admin)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\...\MountPoints2: {9251c8bc-c736-11e4-82e0-74d43587390d} - "F:\Autorun.exe"
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\...\MountPoints2: {9251c8d8-c736-11e4-82e0-74d43587390d} - "F:\Autorun.exe"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
S3 TRIXX; \??\C:\Users\admin\AppData\Local\Temp\TRIXX.sys [X]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\System32\Tasks\AutoKMS
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
C:\Users\admin\AppData\Local\Temp
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
"HKU\S-1-5-21-563994795-3044226750-2151014467-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9251c8bc-c736-11e4-82e0-74d43587390d}" => Key deleted successfully.
HKCR\CLSID\{9251c8bc-c736-11e4-82e0-74d43587390d} => Key not found.
"HKU\S-1-5-21-563994795-3044226750-2151014467-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9251c8d8-c736-11e4-82e0-74d43587390d}" => Key deleted successfully.
HKCR\CLSID\{9251c8d8-c736-11e4-82e0-74d43587390d} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
TRIXX => Service deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Tasks\AutoKMS => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\ProgramData\DP45977C.lfl => Moved successfully.
C:\Users\admin\AppData\Local\Temp => Moved successfully.
==== End of Fixlog 19:55:12 ====
Ran by admin at 2015-03-28 19:55:11 Run:1
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available profiles: admin)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\...\MountPoints2: {9251c8bc-c736-11e4-82e0-74d43587390d} - "F:\Autorun.exe"
HKU\S-1-5-21-563994795-3044226750-2151014467-1001\...\MountPoints2: {9251c8d8-c736-11e4-82e0-74d43587390d} - "F:\Autorun.exe"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
S3 TRIXX; \??\C:\Users\admin\AppData\Local\Temp\TRIXX.sys [X]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\System32\Tasks\AutoKMS
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
C:\Users\admin\AppData\Local\Temp
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
"HKU\S-1-5-21-563994795-3044226750-2151014467-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9251c8bc-c736-11e4-82e0-74d43587390d}" => Key deleted successfully.
HKCR\CLSID\{9251c8bc-c736-11e4-82e0-74d43587390d} => Key not found.
"HKU\S-1-5-21-563994795-3044226750-2151014467-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9251c8d8-c736-11e4-82e0-74d43587390d}" => Key deleted successfully.
HKCR\CLSID\{9251c8d8-c736-11e4-82e0-74d43587390d} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
TRIXX => Service deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Tasks\AutoKMS => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\ProgramData\DP45977C.lfl => Moved successfully.
C:\Users\admin\AppData\Local\Temp => Moved successfully.
==== End of Fixlog 19:55:12 ====
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Černá obrazovka s myší po startu windows a další problém
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Černá obrazovka s myší po startu windows a další problém
PRoblikávání obrazu po stisknutí klávesy na ploše přestalo, u opakovaného bootovaní uvidím, ale přišlo mi, že při pokusném restartu po naběhnutí systému se dalo mnohem dřív něco dělat, HDD po startu chroustal kratší dobu než obykle. Děkuju za ochotu, zkusím teď ještě jeden restart.
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Černá obrazovka s myší po startu windows a další problém
OK. Zatím není zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Černá obrazovka s myší po startu windows a další problém
Tak zatím dobrý, naběhlo to na poprvé a načernou obrazovku s myší jsem se taky nedostal. Takže ještě jednou děkuju za pomoc, pokud se to znovu objeví napíšu.
Takže ještě jednou děkuju za pomoc, pokud se to znovu objeví napíšu. -
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Černá obrazovka s myší po startu windows a další problém
Rádo se stalo!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?