CPU load 100%

Posted: 23 May 2015 21:23
by eczko
Hello, today I found out that I have a few extra processes... winnet32b, winnet64b, innet32upd, conhost32 and conhost64. The conhost one loads the CPU to 100%. I tried disabling conhost in msconfig, and even when I uncheck it, it checks itself again. Interestingly, when I open Task Manager, CPU usage drops to about 15-20%, although even that is a lot for just sitting on the desktop. As soon as I close Task Manager, it immediately jumps to 100%.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015 01
Ran by ecKo (administrator) on ECKO-PC on 23-05-2015 22:08:51
Running from C:\Users\ecKo\Desktop
Loaded Profiles: ecKo (Available Profiles: ecKo)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Locktime Software) D:\Programy\NetLimiter\nlsvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Locktime Software) D:\Programy\NetLimiter\NLClientApp.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Users\ecKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
() C:\Users\ecKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe
(Xfire Inc.) C:\Program Files (x86)\Xfire\Xfire.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Xfire\xfire64.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
() C:\Program Files (x86)\Xfire\xfire64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Users\ecKo\AppData\Roaming\Microsoft\Networking\inet32upd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\ecKo\AppData\Roaming\Microsoft\Networking\winnet32b.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\ecKo\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-04-22] (Razer Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-03-31] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-1822048718-2469099859-4013832478-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation)
HKU\S-1-5-21-1822048718-2469099859-4013832478-1000\...\Run: [NetLimiter] => D:\Programy\NetLimiter\NLClientApp.exe [2915968 2013-10-10] (Locktime Software)
HKU\S-1-5-21-1822048718-2469099859-4013832478-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1822048718-2469099859-4013832478-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-1822048718-2469099859-4013832478-1000\...\MountPoints2: {16006c34-fedc-11e4-aab4-6c626d41e49d} - E:\setup.exe
Startup: C:\Users\ecKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2015-05-21] ()
Startup: C:\Users\ecKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2015-05-21] ()
Startup: C:\Users\ecKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk [2015-01-24]
ShortcutTarget: Xfire.lnk -> C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1822048718-2469099859-4013832478-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://b2c.generali.cz/
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.20

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-29] (Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-29] (Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-24]
CHR Extension: (Google Docs) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-24]
CHR Extension: (Google Drive) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-24]
CHR Extension: (YouTube) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-24]
CHR Extension: (Google Search) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-24]
CHR Extension: (Google Sheets) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-24]
CHR Extension: (LoungeDestroyer) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2015-01-24]
CHR Extension: (AdBlock) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-24]
CHR Extension: (Bookmark Manager) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (Google Wallet) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-24]
CHR Extension: (Facebook Message Seen Notification Remover) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\piohdenkodpbcigpkmicjapilbfjioil [2015-01-24]
CHR Extension: (Gmail) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
R2 nlsvc; D:\Programy\NetLimiter\nlsvc.exe [1851008 2013-10-10] (Locktime Software)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4250624 2015-02-03] (A-Volute) []
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-05-20] (Disc Soft Ltd)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R1 nltdi; D:\Programy\NetLimiter\nltdi.sys [87472 2013-06-12] (Locktime Software)
S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-06-09] (Windows (R) Win 7 DDK provider)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2015-02-09] (Windows (R) Win 7 DDK provider)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-23 22:08 - 2015-05-23 22:09 - 00011773 _____ () C:\Users\ecKo\Desktop\FRST.txt
2015-05-23 22:07 - 2015-05-23 22:06 - 00112640 _____ (forum.viry.cz) C:\Users\ecKo\Desktop\FRSTLauncher.exe
2015-05-23 22:07 - 2015-05-23 22:05 - 02108416 _____ (Farbar) C:\Users\ecKo\Desktop\FRST64.exe
2015-05-23 22:06 - 2015-05-23 22:08 - 00000000 ____D () C:\FRST
2015-05-23 16:43 - 2015-05-23 16:43 - 11629359 _____ () C:\Users\ecKo\Desktop\1.mp4
2015-05-23 16:42 - 2015-05-23 16:42 - 00863331 _____ () C:\Users\ecKo\Desktop\1_preview.mp4
2015-05-23 16:39 - 2015-05-23 16:36 - 149080676 ____N () C:\Users\ecKo\Desktop\WP_20150523_010.mp4
2015-05-23 16:13 - 2015-05-23 16:13 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-05-21 20:13 - 2015-05-21 20:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-05-21 20:08 - 2015-05-21 21:37 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2015-05-21 20:04 - 2015-05-21 20:05 - 00000000 ____D () C:\Users\ecKo\MSI Afterburner
2015-05-21 20:04 - 2015-05-21 20:04 - 00000000 ____D () C:\Users\ecKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-05-21 19:52 - 2015-05-21 19:52 - 00000000 ____D () C:\Users\ecKo\AppData\Local\Micro-Star_Int'l_Co.,_Ltd
2015-05-21 18:40 - 2015-05-21 18:51 - 00000000 ____D () C:\Users\ecKo\Documents\The Witcher 3
2015-05-21 15:00 - 2015-05-21 18:40 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-05-21 15:00 - 2015-05-21 15:00 - 00000944 _____ () C:\Users\ecKo\Desktop\The Witcher 3 Wild Hunt.lnk
2015-05-20 20:28 - 2015-05-20 20:28 - 00000000 ____D () C:\ProgramData\Socialclub
2015-05-20 19:53 - 2015-05-20 19:53 - 00000517 _____ () C:\Users\Public\Desktop\Grand Theft Auto V.lnk
2015-05-20 19:53 - 2015-05-20 19:53 - 00000517 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto V.lnk
2015-05-20 19:53 - 2015-05-20 19:53 - 00000000 ____D () C:\Program Files (x86)\Disc Soft
2015-05-20 19:52 - 2015-05-20 19:53 - 00000000 ____D () C:\Users\ecKo\AppData\Roaming\DAEMON Tools Lite
2015-05-20 19:52 - 2015-05-20 19:53 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2015-05-20 19:52 - 2015-05-20 19:52 - 00030352 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2015-05-20 19:52 - 2015-05-20 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-05-20 19:51 - 2015-05-20 19:52 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-05-09 10:33 - 2015-05-23 16:43 - 00000000 ____D () C:\Users\ecKo\AppData\Roaming\HandBrake
2015-05-09 10:33 - 2015-05-09 10:33 - 00000000 ____D () C:\Users\ecKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-05-09 10:33 - 2015-05-09 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-05-08 18:07 - 2015-05-08 18:19 - 00000000 ____D () C:\Users\ecKo\Documents\Project CARS
2015-05-08 18:07 - 2015-05-08 18:07 - 00000000 ____D () C:\Users\ecKo\Documents\wmd_symbol_cache
2015-05-08 17:59 - 2015-05-08 17:59 - 00000465 _____ () C:\Users\Public\Desktop\Project CARS.lnk
2015-05-03 10:06 - 2015-05-03 10:06 - 00000000 ____D () C:\Users\ecKo\AppData\Roaming\Publish Providers
2015-05-03 10:03 - 2015-05-03 10:03 - 00000000 ____D () C:\ProgramData\Sony
2015-05-03 10:03 - 2015-05-03 10:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-05-03 10:03 - 2015-05-03 10:03 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-05-03 10:02 - 2015-05-03 10:02 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-05-03 09:45 - 2015-05-03 09:45 - 00000000 ____D () C:\Users\ecKo\AppData\Local\Sony
2015-05-03 09:43 - 2015-05-03 10:06 - 00000000 ____D () C:\Users\ecKo\AppData\Roaming\Sony

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-23 21:57 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-23 21:57 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-23 21:55 - 2010-11-21 11:27 - 00667188 _____ () C:\Windows\system32\perfh005.dat
2015-05-23 21:55 - 2010-11-21 11:27 - 00140366 _____ () C:\Windows\system32\perfc005.dat
2015-05-23 21:55 - 2009-07-14 07:13 - 01579166 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-23 21:52 - 2015-01-24 13:23 - 00423316 _____ () C:\Windows\WindowsUpdate.log
2015-05-23 21:50 - 2015-01-24 13:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-23 21:49 - 2015-01-27 17:47 - 00009603 _____ () C:\Windows\setupact.log
2015-05-23 21:49 - 2015-01-24 13:29 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-23 21:49 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-23 16:56 - 2015-01-24 13:40 - 00000000 ____D () C:\Users\ecKo\AppData\Roaming\TS3Client
2015-05-23 16:56 - 2015-01-24 13:30 - 00000000 ____D () C:\Users\ecKo\AppData\Roaming\Xfire
2015-05-23 16:45 - 2015-01-24 13:29 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-23 14:25 - 2015-01-28 21:59 - 00000000 ____D () C:\Users\ecKo\AppData\Local\Adobe
2015-05-22 18:07 - 2015-02-23 19:22 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-05-21 20:04 - 2015-01-24 13:21 - 00000000 ____D () C:\Users\ecKo
2015-05-21 14:19 - 2015-01-27 17:46 - 00003664 _____ () C:\Windows\PFRO.log
2015-05-20 20:28 - 2015-01-29 19:58 - 00071820 _____ () C:\Windows\DirectX.log
2015-05-20 20:27 - 2015-04-19 00:09 - 00000000 ____D () C:\Program Files\Rockstar Games
2015-05-20 20:27 - 2015-04-19 00:09 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2015-05-17 21:40 - 2015-01-24 13:29 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-17 21:40 - 2015-01-24 13:29 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 13:14 - 2015-01-28 22:01 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-11 10:32 - 2009-07-14 06:45 - 00297160 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-10 11:10 - 2015-01-24 13:29 - 00059048 _____ () C:\Users\ecKo\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-27 00:38 - 2015-01-24 13:59 - 00000000 ____D () C:\Users\ecKo\AppData\Local\Battle.net
2015-04-26 11:50 - 2015-04-10 17:11 - 00000000 ____D () C:\Users\ecKo\Documents\Rockstar Games
2015-04-26 11:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2015-01-25 20:11 - 2015-01-25 20:11 - 0007592 _____ () C:\Users\ecKo\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\ecKo\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\ecKo\AppData\Local\Temp\GTA_V_Launcher_1_0_323_1.exe
C:\Users\ecKo\AppData\Local\Temp\GTA_V_Launcher_1_0_331_1.exe
C:\Users\ecKo\AppData\Local\Temp\raptrpatch.exe
C:\Users\ecKo\AppData\Local\Temp\raptr_stub.exe
C:\Users\ecKo\AppData\Local\Temp\Skin.dll
C:\Users\ecKo\AppData\Local\Temp\Social%20Club%20v1.1.5.5%20Setup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-14 00:10




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:111.69 GB) (Free:49.03 GB) NTFS
Drive d: (Místni disk) (Fixed) (Total:931.41 GB) (Free:203.55 GB) NTFS

Available physical RAM: 5542.6 MB
Total physical RAM: 8159.93 MB
Percentage of memory in use: 32%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2D9B3FAA)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 748FE904)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\ecKo\Desktop" je 156 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnarqSrv
C:\Windows\inf\msnarq.vbe [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: CPU load 100%

Posted: 23 May 2015 21:37
by Rudy
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: CPU load 100%

Posted: 24 May 2015 08:07
by eczko
# AdwCleaner v4.205 - Log vytvořen 24/05/2015 v 09:05:32
# Aktualizováno 21/05/2015 by Xplode
# Databáze : 2015-05-21.2 [Server]
# Operační system : Windows 7 Ultimate Service Pack 1 (x64)
# Uživatelské jméno : ecKo - ECKO-PC
# Spuštěno z : D:\Stažené soubory\adwcleaner_4.205.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****


***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKCU\Software\OCS
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Prohlížeče ] *****

-\\ Internet Explorer v8.0.7601.17514


-\\ Google Chrome v43.0.2357.65


*************************

AdwCleaner[R0].txt - [932 bytů] - [24/05/2015 09:04:13]
AdwCleaner[S0].txt - [815 bytů] - [24/05/2015 09:05:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [872 bytů] ##########

Re: CPU load 100%

Posted: 24 May 2015 10:27
by Rudy
Post a new FRST log.

Re: CPU load 100%

Posted: 24 May 2015 15:12
by eczko
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015 01
Ran by ecKo (administrator) on ECKO-PC on 24-05-2015 16:10:22
Running from C:\Users\ecKo\Desktop
Loaded Profiles: ecKo (Available Profiles: ecKo)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Locktime Software) D:\Programy\NetLimiter\nlsvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Locktime Software) D:\Programy\NetLimiter\NLClientApp.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Users\ecKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
() C:\Users\ecKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe
(Xfire Inc.) C:\Program Files (x86)\Xfire\Xfire.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Xfire\xfire64.exe
() C:\Users\ecKo\AppData\Roaming\Microsoft\Networking\inet32upd.exe
() C:\Users\ecKo\AppData\Roaming\Microsoft\Networking\winnet32b.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
() C:\Program Files (x86)\Xfire\xfire64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\ecKo\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-04-22] (Razer Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-03-31] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-1822048718-2469099859-4013832478-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation)
HKU\S-1-5-21-1822048718-2469099859-4013832478-1000\...\Run: [NetLimiter] => D:\Programy\NetLimiter\NLClientApp.exe [2915968 2013-10-10] (Locktime Software)
HKU\S-1-5-21-1822048718-2469099859-4013832478-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1822048718-2469099859-4013832478-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-1822048718-2469099859-4013832478-1000\...\MountPoints2: {16006c34-fedc-11e4-aab4-6c626d41e49d} - E:\setup.exe
Startup: C:\Users\ecKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2015-05-21] ()
Startup: C:\Users\ecKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2015-05-21] ()
Startup: C:\Users\ecKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk [2015-01-24]
ShortcutTarget: Xfire.lnk -> C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1822048718-2469099859-4013832478-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://b2c.generali.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.20

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-29] (Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-29] (Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-24]
CHR Extension: (Google Docs) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-24]
CHR Extension: (Google Drive) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-24]
CHR Extension: (YouTube) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-24]
CHR Extension: (Google Search) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-24]
CHR Extension: (Google Sheets) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-24]
CHR Extension: (LoungeDestroyer) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2015-01-24]
CHR Extension: (AdBlock) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-24]
CHR Extension: (Bookmark Manager) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (Google Wallet) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-24]
CHR Extension: (Facebook Message Seen Notification Remover) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\piohdenkodpbcigpkmicjapilbfjioil [2015-01-24]
CHR Extension: (Gmail) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
R2 nlsvc; D:\Programy\NetLimiter\nlsvc.exe [1851008 2013-10-10] (Locktime Software)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4250624 2015-02-03] (A-Volute) []
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-05-20] (Disc Soft Ltd)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R1 nltdi; D:\Programy\NetLimiter\nltdi.sys [87472 2013-06-12] (Locktime Software)
S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-06-09] (Windows (R) Win 7 DDK provider)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2015-02-09] (Windows (R) Win 7 DDK provider)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-24 16:10 - 2015-05-24 16:10 - 00029696 _____ () C:\Users\ecKo\AppData\Local\MSGBOX.EXE
2015-05-24 16:10 - 2015-05-24 16:10 - 00015327 _____ () C:\Users\ecKo\Desktop\LM.bat
2015-05-24 09:07 - 2015-05-24 09:07 - 00000643 _____ () C:\Users\ecKo\Desktop\AdwCleaner[R0].rar
2015-05-24 09:05 - 2015-05-24 09:06 - 00000950 _____ () C:\Users\ecKo\Desktop\AdwCleaner[R0].txt
2015-05-24 09:04 - 2015-05-24 15:34 - 00010018 _____ () C:\Windows\WindowsUpdate.log
2015-05-24 09:03 - 2015-05-24 09:05 - 00000000 ____D () C:\AdwCleaner
2015-05-24 09:02 - 2015-05-24 15:31 - 00000224 _____ () C:\Windows\setupact.log
2015-05-24 09:02 - 2015-05-24 09:02 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-23 22:29 - 2015-05-23 22:29 - 00000000 ____D () C:\Windows\Minidump
2015-05-23 22:23 - 2015-05-23 22:23 - 00007865 _____ () C:\Users\ecKo\Desktop\Addition.rar
2015-05-23 22:21 - 2015-05-23 22:22 - 00000000 ____D () C:\Windows\pss
2015-05-23 22:08 - 2015-05-24 16:10 - 00011501 _____ () C:\Users\ecKo\Desktop\FRST.txt
2015-05-23 22:07 - 2015-05-23 22:06 - 00112640 _____ (forum.viry.cz) C:\Users\ecKo\Desktop\FRSTLauncher.exe
2015-05-23 22:07 - 2015-05-23 22:05 - 02108416 _____ (Farbar) C:\Users\ecKo\Desktop\FRST64.exe
2015-05-23 22:06 - 2015-05-24 16:10 - 00000000 ____D () C:\FRST
2015-05-23 16:13 - 2015-05-23 16:13 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-05-21 20:13 - 2015-05-21 20:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-05-21 20:08 - 2015-05-21 21:37 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2015-05-21 20:04 - 2015-05-21 20:05 - 00000000 ____D () C:\Users\ecKo\MSI Afterburner
2015-05-21 20:04 - 2015-05-21 20:04 - 00000000 ____D () C:\Users\ecKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-05-21 19:52 - 2015-05-21 19:52 - 00000000 ____D () C:\Users\ecKo\AppData\Local\Micro-Star_Int'l_Co.,_Ltd
2015-05-21 18:40 - 2015-05-21 18:51 - 00000000 ____D () C:\Users\ecKo\Documents\The Witcher 3
2015-05-21 15:00 - 2015-05-21 18:40 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-05-21 15:00 - 2015-05-21 15:00 - 00000944 _____ () C:\Users\ecKo\Desktop\The Witcher 3 Wild Hunt.lnk
2015-05-20 20:28 - 2015-05-20 20:28 - 00000000 ____D () C:\ProgramData\Socialclub
2015-05-20 19:53 - 2015-05-20 19:53 - 00000517 _____ () C:\Users\Public\Desktop\Grand Theft Auto V.lnk
2015-05-20 19:53 - 2015-05-20 19:53 - 00000517 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto V.lnk
2015-05-20 19:53 - 2015-05-20 19:53 - 00000000 ____D () C:\Program Files (x86)\Disc Soft
2015-05-20 19:52 - 2015-05-23 22:36 - 00000000 ____D () C:\Users\ecKo\AppData\Roaming\DAEMON Tools Lite
2015-05-20 19:52 - 2015-05-20 19:53 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2015-05-20 19:52 - 2015-05-20 19:52 - 00030352 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2015-05-20 19:52 - 2015-05-20 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-05-20 19:51 - 2015-05-20 19:52 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-05-09 10:33 - 2015-05-23 16:43 - 00000000 ____D () C:\Users\ecKo\AppData\Roaming\HandBrake
2015-05-09 10:33 - 2015-05-09 10:33 - 00000000 ____D () C:\Users\ecKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-05-09 10:33 - 2015-05-09 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-05-08 18:07 - 2015-05-08 18:19 - 00000000 ____D () C:\Users\ecKo\Documents\Project CARS
2015-05-08 18:07 - 2015-05-08 18:07 - 00000000 ____D () C:\Users\ecKo\Documents\wmd_symbol_cache
2015-05-08 17:59 - 2015-05-08 17:59 - 00000465 _____ () C:\Users\Public\Desktop\Project CARS.lnk
2015-05-03 10:06 - 2015-05-03 10:06 - 00000000 ____D () C:\Users\ecKo\AppData\Roaming\Publish Providers
2015-05-03 10:03 - 2015-05-03 10:03 - 00000000 ____D () C:\ProgramData\Sony
2015-05-03 10:03 - 2015-05-03 10:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-05-03 10:03 - 2015-05-03 10:03 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-05-03 10:02 - 2015-05-03 10:02 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-05-03 09:45 - 2015-05-03 09:45 - 00000000 ____D () C:\Users\ecKo\AppData\Local\Sony
2015-05-03 09:43 - 2015-05-03 10:06 - 00000000 ____D () C:\Users\ecKo\AppData\Roaming\Sony

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-24 15:45 - 2015-01-24 13:29 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-24 15:38 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-24 15:38 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-24 15:37 - 2010-11-21 11:27 - 00667188 _____ () C:\Windows\system32\perfh005.dat
2015-05-24 15:37 - 2010-11-21 11:27 - 00140366 _____ () C:\Windows\system32\perfc005.dat
2015-05-24 15:37 - 2009-07-14 07:13 - 01579166 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-24 15:31 - 2015-01-24 13:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-24 15:31 - 2015-01-24 13:29 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-24 15:31 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-24 09:16 - 2015-01-28 21:59 - 00000000 ____D () C:\Users\ecKo\AppData\Local\Adobe
2015-05-23 22:36 - 2015-02-23 19:40 - 00000000 ____D () C:\Users\ecKo\AppData\Roaming\TeamViewer
2015-05-23 22:36 - 2015-01-24 13:40 - 00000000 ____D () C:\Users\ecKo\AppData\Roaming\TS3Client
2015-05-23 22:33 - 2015-01-25 20:11 - 00007590 _____ () C:\Users\ecKo\AppData\Local\Resmon.ResmonCfg
2015-05-23 16:56 - 2015-01-24 13:30 - 00000000 ____D () C:\Users\ecKo\AppData\Roaming\Xfire
2015-05-22 18:07 - 2015-02-23 19:22 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-05-21 20:04 - 2015-01-24 13:21 - 00000000 ____D () C:\Users\ecKo
2015-05-20 20:27 - 2015-04-19 00:09 - 00000000 ____D () C:\Program Files\Rockstar Games
2015-05-20 20:27 - 2015-04-19 00:09 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2015-05-17 21:40 - 2015-01-24 13:29 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-17 21:40 - 2015-01-24 13:29 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 13:14 - 2015-01-28 22:01 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-11 10:32 - 2009-07-14 06:45 - 00297160 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-10 11:10 - 2015-01-24 13:29 - 00059048 _____ () C:\Users\ecKo\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-27 00:38 - 2015-01-24 13:59 - 00000000 ____D () C:\Users\ecKo\AppData\Local\Battle.net
2015-04-26 11:50 - 2015-04-10 17:11 - 00000000 ____D () C:\Users\ecKo\Documents\Rockstar Games
2015-04-26 11:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2015-05-24 16:10 - 2015-05-24 16:10 - 0029696 _____ () C:\Users\ecKo\AppData\Local\MSGBOX.EXE
2015-01-25 20:11 - 2015-05-23 22:33 - 0007590 _____ () C:\Users\ecKo\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\ecKo\AppData\Local\Temp\Quarantine.exe
C:\Users\ecKo\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-24 15:55

==================== End of log ============================

Re: CPU load 100%

Posted: 24 May 2015 16:40
by Rudy
Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1822048718-2469099859-4013832478-1000\...\MountPoints2: {16006c34-fedc-11e4-aab4-6c626d41e49d} - E:\setup.exe
Startup: C:\Users\ecKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2015-05-21] ()
Startup: C:\Users\ecKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2015-05-21] ()
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR Extension: (Facebook Message Seen Notification Remover) - C:\Users\ecKo\AppData\Local\Google\Chrome\User Data\Default\Extensions\piohdenkodpbcigpkmicjapilbfjioil [2015-01-24]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\ecKo\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: CPU load 100%

Posted: 24 May 2015 16:56
by eczko
Super! :happy: :worship: Thank you very much! May I ask what kind of vermin that was?

Re: CPU load 100%

Posted: 24 May 2015 17:55
by Rudy
The PC was mining bitcoins. conhost was running. It is fine now. You're welcome!