Dobrý den, prosila bych o pomoc s mým pc.
Neustále mi padá Firefox, už jsem ho zkoušela odinstalovat, znova nainstalovat bez jakýchkoli rozšíření a pořád to samé.
Asi 3x mi spadnul už i celý pc, modrá smrt.
Děkuji.
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Padání Firefoxu, někdy modrá smrt PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Padání Firefoxu, někdy modrá smrt PC
Zdravím!
Otevřte adresář windows\minidump, jeho obsah zabalte do raru a přiložte k vašemu příštímu postu.
Otevřte adresář windows\minidump, jeho obsah zabalte do raru a přiložte k vašemu příštímu postu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Padání Firefoxu, někdy modrá smrt PC
Bohužel jsem tenhle adresář tam nenašla 
Nejspíš se mi neukládá.
Nejspíš se mi neukládá.-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Padání Firefoxu, někdy modrá smrt PC
Škoda, hodně by napověděl ohledně padání do modré smrti. Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Padání Firefoxu, někdy modrá smrt PC
Tak jsem nastavila ten stránkovací soubor a dnes zas BSOD a už se minidump uložil tak přikládám 
- Přílohy
-
- Minidump.rar
- (20.1 KiB) Staženo 45 x
Re: Padání Firefoxu, někdy modrá smrt PC
Vkládám i log FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by ROBASS (administrator) on VIONETA (01-09-2015 17:29:54)
Running from C:\Users\ROBASS\Desktop
Loaded Profiles: ROBASS (Available Profiles: ROBASS)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\ROBASS\Desktop\FRSTLauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1796496 2015-08-06] (APN)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-2009324788-340054426-501186564-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2009324788-340054426-501186564-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53661824 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2009324788-340054426-501186564-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-2009324788-340054426-501186564-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts-x32: Group Policy detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 188.75.128.188 10.0.150.150 192.168.0.1
Tcpip\..\Interfaces\{2454BC51-DE58-4BC7-844A-1BF98C8D497E}: [DhcpNameServer] 188.75.128.188 10.0.150.150 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,SearchURL = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-2009324788-340054426-501186564-1000 -> {57948012-FF93-4DB1-A551-5C8D17ECAB84} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\ROBASS\AppData\Roaming\Mozilla\Firefox\Profiles\6pmsaupi.default-1440538516283
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-02-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-02-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin HKU\S-1-5-21-2009324788-340054426-501186564-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\ROBASS\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-23]
CHR Extension: (Google Docs) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-16]
CHR Extension: (Google Drive) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-16]
CHR Extension: (YouTube) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-16]
CHR Extension: (Google Search) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-16]
CHR Extension: (Google Sheets) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-23]
CHR Extension: (AdBlock) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-08-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-16]
CHR Extension: (Gmail) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-16]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [173968 2015-08-05] (APN LLC.)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-01-17] (Microsoft Corporation) [File not signed]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-21] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-08] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
S3 ET5Drv; C:\Windows\ET5Drv.sys [36416 2007-10-16] (Windows (R) Codename Longhorn DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-02-10] ()
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-10-21] (Microsoft Corporation) [File not signed]
S3 ALSysIO; \??\D:\TEMP\ALSysIO64.sys [X]
S3 cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [X]
S3 MarkFun_NT; \??\C:\Program Files (x86)\GIGABYTE\ET5Pro\markfun.a64 [X]
S3 slicedisk.sys; \??\C:\Windows\system32\slicedisk.sys [X]
S3 SliceDisk5; \??\C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\ROBASS\Desktop\REAL TEMP\WinRing0x64.sys [X]
S1 {7929dd67-6f70-43ee-9cc7-c3b1ebca3d6c}Gw64; system32\drivers\{7929dd67-6f70-43ee-9cc7-c3b1ebca3d6c}Gw64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-01 17:29 - 2015-09-01 17:30 - 00013885 _____ C:\Users\ROBASS\Desktop\FRST.txt
2015-09-01 17:28 - 2015-09-01 17:29 - 00000000 ____D C:\FRST
2015-09-01 17:27 - 2015-09-01 17:27 - 00112640 _____ (forum.viry.cz) C:\Users\ROBASS\Desktop\FRSTLauncher.exe
2015-09-01 15:11 - 2015-09-01 15:11 - 02188800 _____ (Farbar) C:\Users\ROBASS\Desktop\FRST64.exe
2015-09-01 15:03 - 2015-09-01 15:03 - 00020578 _____ C:\Windows\Minidump.rar
2015-09-01 14:59 - 2015-09-01 14:59 - 474810555 _____ C:\Windows\MEMORY.DMP
2015-09-01 14:59 - 2015-09-01 14:59 - 00290336 _____ C:\Windows\Minidump\090115-19734-01.dmp
2015-09-01 14:59 - 2015-09-01 14:59 - 00000000 ____D C:\Windows\Minidump
2015-08-31 21:18 - 2015-08-31 21:21 - 00000000 ____D C:\Users\ROBASS\Desktop\31.8.2015 Kobylka
2015-08-30 17:43 - 2015-09-01 16:48 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-30 17:43 - 2015-09-01 16:26 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-30 17:43 - 2015-08-30 17:43 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-30 17:43 - 2015-08-30 17:43 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-29 22:02 - 2015-08-29 22:02 - 00000000 ____D C:\Users\ROBASS\Desktop\27.8. U našich, Anet papa video
2015-08-29 22:00 - 2015-08-29 22:01 - 00000000 ____D C:\Users\ROBASS\Desktop\26.8. Otevřená ulice(tatky)
2015-08-29 21:58 - 2015-08-29 21:59 - 00000000 ____D C:\Users\ROBASS\Desktop\29.8. Kostel večer
2015-08-29 21:57 - 2015-08-29 21:58 - 00000000 ____D C:\Users\ROBASS\Desktop\29.8. Pouť
2015-08-27 13:03 - 2015-08-27 13:03 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\Sun
2015-08-27 13:03 - 2015-08-27 13:03 - 00000000 ____D C:\Users\ROBASS\.oracle_jre_usage
2015-08-27 13:01 - 2015-08-27 13:08 - 00000000 ____D C:\Users\ROBASS\Desktop\26.8. Otevrena ulice, kostel, zahrada
2015-08-19 10:42 - 2015-09-01 16:26 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-08-16 14:07 - 2015-08-28 18:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-16 13:30 - 2015-08-16 13:30 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-13 19:34 - 2015-09-01 16:26 - 00141524 _____ C:\Windows\PFRO.log
2015-08-13 19:34 - 2015-09-01 16:26 - 00005002 _____ C:\Windows\setupact.log
2015-08-13 19:34 - 2015-08-13 19:34 - 00000000 _____ C:\Windows\setuperr.log
2015-08-11 19:35 - 2015-09-01 16:27 - 00041666 _____ C:\Windows\WindowsUpdate.log
2015-08-11 16:09 - 2015-08-29 10:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-11 16:09 - 2015-08-11 16:09 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-11 16:09 - 2015-08-11 16:09 - 00001150 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-11 14:19 - 2015-08-11 14:19 - 00242984 _____ C:\Users\ROBASS\Downloads\Firefox Setup Stub 39.0.3.exe
2015-08-11 13:46 - 2015-08-11 13:46 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-11 13:46 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-07 15:32 - 2015-08-29 20:27 - 00000000 ____D C:\Users\ROBASS\Desktop\Nová složka (4)
2015-08-04 17:37 - 2015-08-04 17:37 - 00563296 _____ (Oracle Corporation) C:\Users\ROBASS\Downloads\jre-8u51-windows-i586-iftw.exe
2015-08-04 14:27 - 2015-08-04 14:27 - 05309440 _____ (MaLee) C:\Users\ROBASS\Downloads\ANO.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-01 17:27 - 2014-05-08 01:15 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\Skype
2015-09-01 17:15 - 2015-01-28 02:40 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-01 16:34 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-01 16:34 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-01 16:26 - 2014-02-24 17:04 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-01 16:26 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-01 16:26 - 2009-07-14 06:45 - 00468464 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-01 16:24 - 2014-02-07 01:00 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\Panda Security
2015-09-01 16:24 - 2014-02-07 01:00 - 00000000 ____D C:\ProgramData\Panda Security
2015-08-28 15:32 - 2014-10-30 22:31 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\vlc
2015-08-28 15:25 - 2014-03-05 20:21 - 00695664 _____ C:\Windows\system32\perfh019.dat
2015-08-28 15:25 - 2014-03-05 20:21 - 00141320 _____ C:\Windows\system32\perfc019.dat
2015-08-28 15:25 - 2011-04-12 10:34 - 00650908 _____ C:\Windows\system32\perfh005.dat
2015-08-28 15:25 - 2011-04-12 10:34 - 00134296 _____ C:\Windows\system32\perfc005.dat
2015-08-28 15:25 - 2009-07-14 07:13 - 02369470 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-27 21:13 - 2014-05-08 01:15 - 00000000 ____D C:\ProgramData\Skype
2015-08-27 13:04 - 2014-12-12 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-27 13:04 - 2014-01-17 21:38 - 00000000 ____D C:\ProgramData\Oracle
2015-08-27 13:04 - 2014-01-17 21:38 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-27 13:03 - 2014-01-17 21:38 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-27 13:03 - 2014-01-17 13:04 - 00000000 ____D C:\Users\ROBASS
2015-08-25 23:35 - 2014-05-16 02:16 - 00000000 ____D C:\Users\ROBASS\Desktop\Původní data aplikace Firefox
2015-08-25 12:13 - 2012-07-31 20:04 - 00000000 ____D C:\Users\ROBASS\Desktop\Fotky
2015-08-25 12:01 - 2014-05-16 02:06 - 00002186 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-16 13:30 - 2014-01-17 19:57 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-16 13:30 - 2014-01-17 19:57 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-11 16:29 - 2014-05-10 01:25 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\uTorrent
2015-08-11 14:33 - 2014-03-18 22:06 - 00000000 ____D C:\Program Files (x86)\HTC
2015-08-11 14:31 - 2015-05-25 20:25 - 00000000 ____D C:\Program Files\Fotolab
2015-08-11 13:46 - 2014-05-11 20:28 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-06 22:47 - 2015-07-12 21:21 - 00001226 _____ C:\Users\ROBASS\Desktop\presnidavky.txt
2015-08-04 17:40 - 2014-05-10 02:09 - 00000000 ____D C:\ProgramData\Adobe
2015-08-04 14:28 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
==================== Files in the root of some directories =======
2015-05-21 16:12 - 2015-05-21 16:12 - 0000000 _____ () C:\Users\ROBASS\AppData\Local\{43B31F9C-1B1C-4755-B451-D1320849670C}
2014-01-28 08:55 - 2014-01-28 08:55 - 0000000 _____ () C:\ProgramData\0x0304A000.sfl
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2014-01-26 18:11] - [2013-10-21 07:36] - 4656640 ____A (Microsoft Corporation) CD23B721288CB741EBD3380D57F0600F
C:\Windows\SysWOW64\explorer.exe
[2013-10-21 07:36] - [2013-10-21 07:36] - 4298240 ____A (Microsoft Corporation) 0AC4BD54CDEC7679FA5ECC826BD96120
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-01 14:55
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (HDD) (Fixed) (Total:148.95 GB) (Free:61.67 GB) NTFS
Drive d: (ZALOHA) (Fixed) (Total:465.76 GB) (Free:265.72 GB) NTFS
Drive k: (Verbatim HDD) (Fixed) (Total:931.51 GB) (Free:690.73 GB) NTFS
Available physical RAM: 4166.82 MB
Total physical RAM: 6142.49 MB
Percentage of memory in use: 32%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 6A205247)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
Disk: 1 (Size: 465.8 GB) (Disk ID: 7D177D17)
Partition 1: (Active) - (Size=465.8 GB) - (Type=42)
Partition 2: (Not Active) - (Size=2008 KB) - (Type=42)
Disk: 6 (Size: 931.5 GB) (Disk ID: 1C0C37A8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\ROBASS\Desktop" je 16845 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\ROBASS\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\ROBASS\AppData\Roaming\ICQM\icq.exe -CU [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\X-G500
C:\Program Files (x86)\Genius\X-G500\mousehid.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
"C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~2\MCAFEE~1\30E3C3~1.285\SSSCHE~1.EXE [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by ROBASS (administrator) on VIONETA (01-09-2015 17:29:54)
Running from C:\Users\ROBASS\Desktop
Loaded Profiles: ROBASS (Available Profiles: ROBASS)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\ROBASS\Desktop\FRSTLauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1796496 2015-08-06] (APN)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-2009324788-340054426-501186564-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2009324788-340054426-501186564-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53661824 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2009324788-340054426-501186564-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-2009324788-340054426-501186564-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts-x32: Group Policy detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 188.75.128.188 10.0.150.150 192.168.0.1
Tcpip\..\Interfaces\{2454BC51-DE58-4BC7-844A-1BF98C8D497E}: [DhcpNameServer] 188.75.128.188 10.0.150.150 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,SearchURL = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-2009324788-340054426-501186564-1000 -> {57948012-FF93-4DB1-A551-5C8D17ECAB84} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\ROBASS\AppData\Roaming\Mozilla\Firefox\Profiles\6pmsaupi.default-1440538516283
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-02-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-02-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin HKU\S-1-5-21-2009324788-340054426-501186564-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\ROBASS\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-23]
CHR Extension: (Google Docs) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-16]
CHR Extension: (Google Drive) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-16]
CHR Extension: (YouTube) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-16]
CHR Extension: (Google Search) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-16]
CHR Extension: (Google Sheets) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-23]
CHR Extension: (AdBlock) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-08-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-16]
CHR Extension: (Gmail) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-16]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [173968 2015-08-05] (APN LLC.)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-01-17] (Microsoft Corporation) [File not signed]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-21] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-08] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
S3 ET5Drv; C:\Windows\ET5Drv.sys [36416 2007-10-16] (Windows (R) Codename Longhorn DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-02-10] ()
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-10-21] (Microsoft Corporation) [File not signed]
S3 ALSysIO; \??\D:\TEMP\ALSysIO64.sys [X]
S3 cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [X]
S3 MarkFun_NT; \??\C:\Program Files (x86)\GIGABYTE\ET5Pro\markfun.a64 [X]
S3 slicedisk.sys; \??\C:\Windows\system32\slicedisk.sys [X]
S3 SliceDisk5; \??\C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\ROBASS\Desktop\REAL TEMP\WinRing0x64.sys [X]
S1 {7929dd67-6f70-43ee-9cc7-c3b1ebca3d6c}Gw64; system32\drivers\{7929dd67-6f70-43ee-9cc7-c3b1ebca3d6c}Gw64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-01 17:29 - 2015-09-01 17:30 - 00013885 _____ C:\Users\ROBASS\Desktop\FRST.txt
2015-09-01 17:28 - 2015-09-01 17:29 - 00000000 ____D C:\FRST
2015-09-01 17:27 - 2015-09-01 17:27 - 00112640 _____ (forum.viry.cz) C:\Users\ROBASS\Desktop\FRSTLauncher.exe
2015-09-01 15:11 - 2015-09-01 15:11 - 02188800 _____ (Farbar) C:\Users\ROBASS\Desktop\FRST64.exe
2015-09-01 15:03 - 2015-09-01 15:03 - 00020578 _____ C:\Windows\Minidump.rar
2015-09-01 14:59 - 2015-09-01 14:59 - 474810555 _____ C:\Windows\MEMORY.DMP
2015-09-01 14:59 - 2015-09-01 14:59 - 00290336 _____ C:\Windows\Minidump\090115-19734-01.dmp
2015-09-01 14:59 - 2015-09-01 14:59 - 00000000 ____D C:\Windows\Minidump
2015-08-31 21:18 - 2015-08-31 21:21 - 00000000 ____D C:\Users\ROBASS\Desktop\31.8.2015 Kobylka
2015-08-30 17:43 - 2015-09-01 16:48 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-30 17:43 - 2015-09-01 16:26 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-30 17:43 - 2015-08-30 17:43 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-30 17:43 - 2015-08-30 17:43 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-29 22:02 - 2015-08-29 22:02 - 00000000 ____D C:\Users\ROBASS\Desktop\27.8. U našich, Anet papa video
2015-08-29 22:00 - 2015-08-29 22:01 - 00000000 ____D C:\Users\ROBASS\Desktop\26.8. Otevřená ulice(tatky)
2015-08-29 21:58 - 2015-08-29 21:59 - 00000000 ____D C:\Users\ROBASS\Desktop\29.8. Kostel večer
2015-08-29 21:57 - 2015-08-29 21:58 - 00000000 ____D C:\Users\ROBASS\Desktop\29.8. Pouť
2015-08-27 13:03 - 2015-08-27 13:03 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\Sun
2015-08-27 13:03 - 2015-08-27 13:03 - 00000000 ____D C:\Users\ROBASS\.oracle_jre_usage
2015-08-27 13:01 - 2015-08-27 13:08 - 00000000 ____D C:\Users\ROBASS\Desktop\26.8. Otevrena ulice, kostel, zahrada
2015-08-19 10:42 - 2015-09-01 16:26 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-08-16 14:07 - 2015-08-28 18:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-16 13:30 - 2015-08-16 13:30 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-13 19:34 - 2015-09-01 16:26 - 00141524 _____ C:\Windows\PFRO.log
2015-08-13 19:34 - 2015-09-01 16:26 - 00005002 _____ C:\Windows\setupact.log
2015-08-13 19:34 - 2015-08-13 19:34 - 00000000 _____ C:\Windows\setuperr.log
2015-08-11 19:35 - 2015-09-01 16:27 - 00041666 _____ C:\Windows\WindowsUpdate.log
2015-08-11 16:09 - 2015-08-29 10:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-11 16:09 - 2015-08-11 16:09 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-11 16:09 - 2015-08-11 16:09 - 00001150 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-11 14:19 - 2015-08-11 14:19 - 00242984 _____ C:\Users\ROBASS\Downloads\Firefox Setup Stub 39.0.3.exe
2015-08-11 13:46 - 2015-08-11 13:46 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-11 13:46 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-07 15:32 - 2015-08-29 20:27 - 00000000 ____D C:\Users\ROBASS\Desktop\Nová složka (4)
2015-08-04 17:37 - 2015-08-04 17:37 - 00563296 _____ (Oracle Corporation) C:\Users\ROBASS\Downloads\jre-8u51-windows-i586-iftw.exe
2015-08-04 14:27 - 2015-08-04 14:27 - 05309440 _____ (MaLee) C:\Users\ROBASS\Downloads\ANO.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-01 17:27 - 2014-05-08 01:15 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\Skype
2015-09-01 17:15 - 2015-01-28 02:40 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-01 16:34 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-01 16:34 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-01 16:26 - 2014-02-24 17:04 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-01 16:26 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-01 16:26 - 2009-07-14 06:45 - 00468464 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-01 16:24 - 2014-02-07 01:00 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\Panda Security
2015-09-01 16:24 - 2014-02-07 01:00 - 00000000 ____D C:\ProgramData\Panda Security
2015-08-28 15:32 - 2014-10-30 22:31 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\vlc
2015-08-28 15:25 - 2014-03-05 20:21 - 00695664 _____ C:\Windows\system32\perfh019.dat
2015-08-28 15:25 - 2014-03-05 20:21 - 00141320 _____ C:\Windows\system32\perfc019.dat
2015-08-28 15:25 - 2011-04-12 10:34 - 00650908 _____ C:\Windows\system32\perfh005.dat
2015-08-28 15:25 - 2011-04-12 10:34 - 00134296 _____ C:\Windows\system32\perfc005.dat
2015-08-28 15:25 - 2009-07-14 07:13 - 02369470 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-27 21:13 - 2014-05-08 01:15 - 00000000 ____D C:\ProgramData\Skype
2015-08-27 13:04 - 2014-12-12 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-27 13:04 - 2014-01-17 21:38 - 00000000 ____D C:\ProgramData\Oracle
2015-08-27 13:04 - 2014-01-17 21:38 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-27 13:03 - 2014-01-17 21:38 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-27 13:03 - 2014-01-17 13:04 - 00000000 ____D C:\Users\ROBASS
2015-08-25 23:35 - 2014-05-16 02:16 - 00000000 ____D C:\Users\ROBASS\Desktop\Původní data aplikace Firefox
2015-08-25 12:13 - 2012-07-31 20:04 - 00000000 ____D C:\Users\ROBASS\Desktop\Fotky
2015-08-25 12:01 - 2014-05-16 02:06 - 00002186 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-16 13:30 - 2014-01-17 19:57 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-16 13:30 - 2014-01-17 19:57 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-11 16:29 - 2014-05-10 01:25 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\uTorrent
2015-08-11 14:33 - 2014-03-18 22:06 - 00000000 ____D C:\Program Files (x86)\HTC
2015-08-11 14:31 - 2015-05-25 20:25 - 00000000 ____D C:\Program Files\Fotolab
2015-08-11 13:46 - 2014-05-11 20:28 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-06 22:47 - 2015-07-12 21:21 - 00001226 _____ C:\Users\ROBASS\Desktop\presnidavky.txt
2015-08-04 17:40 - 2014-05-10 02:09 - 00000000 ____D C:\ProgramData\Adobe
2015-08-04 14:28 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
==================== Files in the root of some directories =======
2015-05-21 16:12 - 2015-05-21 16:12 - 0000000 _____ () C:\Users\ROBASS\AppData\Local\{43B31F9C-1B1C-4755-B451-D1320849670C}
2014-01-28 08:55 - 2014-01-28 08:55 - 0000000 _____ () C:\ProgramData\0x0304A000.sfl
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2014-01-26 18:11] - [2013-10-21 07:36] - 4656640 ____A (Microsoft Corporation) CD23B721288CB741EBD3380D57F0600F
C:\Windows\SysWOW64\explorer.exe
[2013-10-21 07:36] - [2013-10-21 07:36] - 4298240 ____A (Microsoft Corporation) 0AC4BD54CDEC7679FA5ECC826BD96120
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-01 14:55
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (HDD) (Fixed) (Total:148.95 GB) (Free:61.67 GB) NTFS
Drive d: (ZALOHA) (Fixed) (Total:465.76 GB) (Free:265.72 GB) NTFS
Drive k: (Verbatim HDD) (Fixed) (Total:931.51 GB) (Free:690.73 GB) NTFS
Available physical RAM: 4166.82 MB
Total physical RAM: 6142.49 MB
Percentage of memory in use: 32%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 6A205247)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
Disk: 1 (Size: 465.8 GB) (Disk ID: 7D177D17)
Partition 1: (Active) - (Size=465.8 GB) - (Type=42)
Partition 2: (Not Active) - (Size=2008 KB) - (Type=42)
Disk: 6 (Size: 931.5 GB) (Disk ID: 1C0C37A8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\ROBASS\Desktop" je 16845 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\ROBASS\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\ROBASS\AppData\Roaming\ICQM\icq.exe -CU [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\X-G500
C:\Program Files (x86)\Genius\X-G500\mousehid.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
"C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~2\MCAFEE~1\30E3C3~1.285\SSSCHE~1.EXE [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Padání Firefoxu, někdy modrá smrt PC
1. Minidump naznačuje problém s RAM. Nemáte v PC něcio přetaktováno?
2. Spusťte tuto utilitu:
2. Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Padání Firefoxu, někdy modrá smrt PC
To přetaktování netuším, je to možné, mám pc po někom
Log z Adwcleaneru:
# AdwCleaner v5.005 - Logfile created 01/09/2015 at 18:31:34
# Updated 31/08/2015 by Xplode
# Database : 2015-08-31.2 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : ROBASS - VIONETA
# Running from : C:\Users\ROBASS\Desktop\adwcleaner_5.005.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : APNMCP
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
[-] Folder Deleted : C:\Program Files (x86)\DriverToolkit
[-] Folder Deleted : C:\Program Files (x86)\Common Files\tencent
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\AskPartnerNetwork
[-] Folder Deleted : C:\ProgramData\tencent
[-] Folder Deleted : C:\Users\ROBASS\AppData\Local\AskPartnerNetwork
[-] Folder Deleted : C:\Users\ROBASS\AppData\Local\DriverToolkit
[-] Folder Deleted : C:\Users\ROBASS\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\ROBASS\AppData\Roaming\tencent
[-] Folder Deleted : D:\TEMP\apn
***** [ Files ] *****
[-] File Deleted : C:\Users\ROBASS\AppData\Roaming\Mozilla\Firefox\Profiles\48dvk46w.default\user.js
[-] File Deleted : C:\Windows\Sysnative\roboot64.exe
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\METNSD
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B3732AA-F6D4-4F16-9E22-49EDC52C9514}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f80768c0-dd2b-432f-b2df-84da8c11ed2b}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f80768c0-dd2b-432f-b2df-84da8c11ed2b}
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKCU\Software\AskPartnerNetwork
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\smarttweak
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\DriverToolkit
[-] Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
[-] Key Deleted : HKLM\SOFTWARE\SiteSee
[!] Key Not Deleted : [x64] HKCU\Software\AskPartnerNetwork
[!] Key Not Deleted : [x64] HKCU\Software\InstalledBrowserExtensions
[!] Key Not Deleted : [x64] HKCU\Software\smarttweak
[!] Key Not Deleted : [x64] HKCU\Software\Softonic
[!] Key Not Deleted : [x64] HKCU\Software\DriverToolkit
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
***** [ Web browsers ] *****
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3210 bytes] ##########
Log z Adwcleaneru:
# AdwCleaner v5.005 - Logfile created 01/09/2015 at 18:31:34
# Updated 31/08/2015 by Xplode
# Database : 2015-08-31.2 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : ROBASS - VIONETA
# Running from : C:\Users\ROBASS\Desktop\adwcleaner_5.005.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : APNMCP
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
[-] Folder Deleted : C:\Program Files (x86)\DriverToolkit
[-] Folder Deleted : C:\Program Files (x86)\Common Files\tencent
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\AskPartnerNetwork
[-] Folder Deleted : C:\ProgramData\tencent
[-] Folder Deleted : C:\Users\ROBASS\AppData\Local\AskPartnerNetwork
[-] Folder Deleted : C:\Users\ROBASS\AppData\Local\DriverToolkit
[-] Folder Deleted : C:\Users\ROBASS\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\ROBASS\AppData\Roaming\tencent
[-] Folder Deleted : D:\TEMP\apn
***** [ Files ] *****
[-] File Deleted : C:\Users\ROBASS\AppData\Roaming\Mozilla\Firefox\Profiles\48dvk46w.default\user.js
[-] File Deleted : C:\Windows\Sysnative\roboot64.exe
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\METNSD
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B3732AA-F6D4-4F16-9E22-49EDC52C9514}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f80768c0-dd2b-432f-b2df-84da8c11ed2b}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f80768c0-dd2b-432f-b2df-84da8c11ed2b}
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKCU\Software\AskPartnerNetwork
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\smarttweak
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\DriverToolkit
[-] Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
[-] Key Deleted : HKLM\SOFTWARE\SiteSee
[!] Key Not Deleted : [x64] HKCU\Software\AskPartnerNetwork
[!] Key Not Deleted : [x64] HKCU\Software\InstalledBrowserExtensions
[!] Key Not Deleted : [x64] HKCU\Software\smarttweak
[!] Key Not Deleted : [x64] HKCU\Software\Softonic
[!] Key Not Deleted : [x64] HKCU\Software\DriverToolkit
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
***** [ Web browsers ] *****
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3210 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Padání Firefoxu, někdy modrá smrt PC
Vstupte do biosu a zadejte "Load default settings". Uložte a restartujte. Pak dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Padání Firefoxu, někdy modrá smrt PC
Nevím zda jsem to udělala dobře, v Biosu bylo pouze Load default optimized, tak jsem dala to, je to ono? Ještě tam byla druhá možnost Load fail-safe default. Tak nevím zda jsem něco neudělala špatně.
Log FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by ROBASS (administrator) on VIONETA (01-09-2015 20:51:04)
Running from C:\Users\ROBASS\Desktop
Loaded Profiles: ROBASS (Available Profiles: ROBASS)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(forum.viry.cz) C:\Users\ROBASS\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-2009324788-340054426-501186564-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2009324788-340054426-501186564-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53661824 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2009324788-340054426-501186564-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-2009324788-340054426-501186564-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts-x32: Group Policy detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 188.75.128.188 10.0.150.150 192.168.0.1
Tcpip\..\Interfaces\{2454BC51-DE58-4BC7-844A-1BF98C8D497E}: [DhcpNameServer] 188.75.128.188 10.0.150.150 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,SearchURL = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-2009324788-340054426-501186564-1000 -> {57948012-FF93-4DB1-A551-5C8D17ECAB84} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\ROBASS\AppData\Roaming\Mozilla\Firefox\Profiles\6pmsaupi.default-1440538516283
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-02-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-02-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin HKU\S-1-5-21-2009324788-340054426-501186564-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\ROBASS\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-23]
CHR Extension: (Google Docs) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-16]
CHR Extension: (Google Drive) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-16]
CHR Extension: (YouTube) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-16]
CHR Extension: (Google Search) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-16]
CHR Extension: (Google Sheets) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-23]
CHR Extension: (AdBlock) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-08-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-16]
CHR Extension: (Gmail) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-16]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-01-17] (Microsoft Corporation) [File not signed]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-21] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-08] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
S3 ET5Drv; C:\Windows\ET5Drv.sys [36416 2007-10-16] (Windows (R) Codename Longhorn DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-02-10] ()
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-10-21] (Microsoft Corporation) [File not signed]
S3 ALSysIO; \??\D:\TEMP\ALSysIO64.sys [X]
S3 cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [X]
S3 MarkFun_NT; \??\C:\Program Files (x86)\GIGABYTE\ET5Pro\markfun.a64 [X]
S3 slicedisk.sys; \??\C:\Windows\system32\slicedisk.sys [X]
S3 SliceDisk5; \??\C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\ROBASS\Desktop\REAL TEMP\WinRing0x64.sys [X]
S1 {7929dd67-6f70-43ee-9cc7-c3b1ebca3d6c}Gw64; system32\drivers\{7929dd67-6f70-43ee-9cc7-c3b1ebca3d6c}Gw64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-01 20:50 - 2015-09-01 20:50 - 00015327 _____ C:\Users\ROBASS\Desktop\LM.bat
2015-09-01 18:30 - 2015-09-01 18:31 - 00000000 ____D C:\AdwCleaner
2015-09-01 18:28 - 2015-09-01 18:28 - 01654272 _____ C:\Users\ROBASS\Desktop\adwcleaner_5.005.exe
2015-09-01 17:29 - 2015-09-01 20:51 - 00013121 _____ C:\Users\ROBASS\Desktop\FRST.txt
2015-09-01 17:28 - 2015-09-01 20:51 - 00000000 ____D C:\FRST
2015-09-01 17:27 - 2015-09-01 17:27 - 00112640 _____ (forum.viry.cz) C:\Users\ROBASS\Desktop\FRSTLauncher.exe
2015-09-01 15:11 - 2015-09-01 15:11 - 02188800 _____ (Farbar) C:\Users\ROBASS\Desktop\FRST64.exe
2015-09-01 15:03 - 2015-09-01 15:03 - 00020578 _____ C:\Windows\Minidump.rar
2015-09-01 14:59 - 2015-09-01 14:59 - 474810555 _____ C:\Windows\MEMORY.DMP
2015-09-01 14:59 - 2015-09-01 14:59 - 00290336 _____ C:\Windows\Minidump\090115-19734-01.dmp
2015-09-01 14:59 - 2015-09-01 14:59 - 00000000 ____D C:\Windows\Minidump
2015-08-31 21:18 - 2015-08-31 21:21 - 00000000 ____D C:\Users\ROBASS\Desktop\31.8.2015 Kobylka
2015-08-30 17:43 - 2015-09-01 20:49 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-30 17:43 - 2015-09-01 19:48 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-30 17:43 - 2015-08-30 17:43 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-30 17:43 - 2015-08-30 17:43 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-29 22:02 - 2015-08-29 22:02 - 00000000 ____D C:\Users\ROBASS\Desktop\27.8. U našich, Anet papa video
2015-08-29 22:00 - 2015-08-29 22:01 - 00000000 ____D C:\Users\ROBASS\Desktop\26.8. Otevřená ulice(tatky)
2015-08-29 21:58 - 2015-08-29 21:59 - 00000000 ____D C:\Users\ROBASS\Desktop\29.8. Kostel večer
2015-08-29 21:57 - 2015-09-01 18:48 - 00000000 ____D C:\Users\ROBASS\Desktop\29.8. Pouť
2015-08-27 13:03 - 2015-08-27 13:03 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\Sun
2015-08-27 13:03 - 2015-08-27 13:03 - 00000000 ____D C:\Users\ROBASS\.oracle_jre_usage
2015-08-27 13:01 - 2015-08-27 13:08 - 00000000 ____D C:\Users\ROBASS\Desktop\26.8. Otevrena ulice, kostel, zahrada
2015-08-19 10:42 - 2015-09-01 16:26 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-08-16 14:07 - 2015-08-28 18:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-16 13:30 - 2015-08-16 13:30 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-13 19:34 - 2015-09-01 20:49 - 00005338 _____ C:\Windows\setupact.log
2015-08-13 19:34 - 2015-09-01 16:26 - 00141524 _____ C:\Windows\PFRO.log
2015-08-13 19:34 - 2015-08-13 19:34 - 00000000 _____ C:\Windows\setuperr.log
2015-08-11 19:35 - 2015-09-01 20:50 - 00045280 _____ C:\Windows\WindowsUpdate.log
2015-08-11 16:09 - 2015-08-29 10:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-11 16:09 - 2015-08-11 16:09 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-11 16:09 - 2015-08-11 16:09 - 00001150 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-11 14:19 - 2015-08-11 14:19 - 00242984 _____ C:\Users\ROBASS\Downloads\Firefox Setup Stub 39.0.3.exe
2015-08-11 13:46 - 2015-08-11 13:46 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-11 13:46 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-07 15:32 - 2015-08-29 20:27 - 00000000 ____D C:\Users\ROBASS\Desktop\Nová složka (4)
2015-08-04 17:37 - 2015-08-04 17:37 - 00563296 _____ (Oracle Corporation) C:\Users\ROBASS\Downloads\jre-8u51-windows-i586-iftw.exe
2015-08-04 14:27 - 2015-08-04 14:27 - 05309440 _____ (MaLee) C:\Users\ROBASS\Downloads\ANO.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-01 20:51 - 2014-05-08 01:15 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\Skype
2015-09-01 20:49 - 2014-02-24 17:04 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-01 20:49 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-01 20:15 - 2015-01-28 02:40 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-01 19:04 - 2014-10-30 22:31 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\vlc
2015-09-01 18:40 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-01 18:40 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-01 16:26 - 2009-07-14 06:45 - 00468464 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-01 16:24 - 2014-02-07 01:00 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\Panda Security
2015-09-01 16:24 - 2014-02-07 01:00 - 00000000 ____D C:\ProgramData\Panda Security
2015-08-28 15:25 - 2014-03-05 20:21 - 00695664 _____ C:\Windows\system32\perfh019.dat
2015-08-28 15:25 - 2014-03-05 20:21 - 00141320 _____ C:\Windows\system32\perfc019.dat
2015-08-28 15:25 - 2011-04-12 10:34 - 00650908 _____ C:\Windows\system32\perfh005.dat
2015-08-28 15:25 - 2011-04-12 10:34 - 00134296 _____ C:\Windows\system32\perfc005.dat
2015-08-28 15:25 - 2009-07-14 07:13 - 02369470 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-27 21:13 - 2014-05-08 01:15 - 00000000 ____D C:\ProgramData\Skype
2015-08-27 13:04 - 2014-12-12 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-27 13:04 - 2014-01-17 21:38 - 00000000 ____D C:\ProgramData\Oracle
2015-08-27 13:04 - 2014-01-17 21:38 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-27 13:03 - 2014-01-17 21:38 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-27 13:03 - 2014-01-17 13:04 - 00000000 ____D C:\Users\ROBASS
2015-08-25 23:35 - 2014-05-16 02:16 - 00000000 ____D C:\Users\ROBASS\Desktop\Původní data aplikace Firefox
2015-08-25 12:13 - 2012-07-31 20:04 - 00000000 ____D C:\Users\ROBASS\Desktop\Fotky
2015-08-25 12:01 - 2014-05-16 02:06 - 00002186 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-16 13:30 - 2014-01-17 19:57 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-16 13:30 - 2014-01-17 19:57 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-11 16:29 - 2014-05-10 01:25 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\uTorrent
2015-08-11 14:33 - 2014-03-18 22:06 - 00000000 ____D C:\Program Files (x86)\HTC
2015-08-11 14:31 - 2015-05-25 20:25 - 00000000 ____D C:\Program Files\Fotolab
2015-08-11 13:46 - 2014-05-11 20:28 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-06 22:47 - 2015-07-12 21:21 - 00001226 _____ C:\Users\ROBASS\Desktop\presnidavky.txt
2015-08-04 17:40 - 2014-05-10 02:09 - 00000000 ____D C:\ProgramData\Adobe
2015-08-04 14:28 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
==================== Files in the root of some directories =======
2015-09-01 20:50 - 2015-09-01 20:50 - 0029696 _____ () C:\Users\ROBASS\AppData\Local\MSGBOX.EXE
2015-05-21 16:12 - 2015-05-21 16:12 - 0000000 _____ () C:\Users\ROBASS\AppData\Local\{43B31F9C-1B1C-4755-B451-D1320849670C}
2014-01-28 08:55 - 2014-01-28 08:55 - 0000000 _____ () C:\ProgramData\0x0304A000.sfl
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2014-01-26 18:11] - [2013-10-21 07:36] - 4656640 ____A (Microsoft Corporation) CD23B721288CB741EBD3380D57F0600F
C:\Windows\SysWOW64\explorer.exe
[2013-10-21 07:36] - [2013-10-21 07:36] - 4298240 ____A (Microsoft Corporation) 0AC4BD54CDEC7679FA5ECC826BD96120
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-01 14:55
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (HDD) (Fixed) (Total:148.95 GB) (Free:61.66 GB) NTFS
Drive d: (ZALOHA) (Fixed) (Total:465.76 GB) (Free:265.72 GB) NTFS
Drive k: (Verbatim HDD) (Fixed) (Total:931.51 GB) (Free:690.73 GB) NTFS
Available physical RAM: 4742.82 MB
Total physical RAM: 6142.49 MB
Percentage of memory in use: 22%
Log FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by ROBASS (administrator) on VIONETA (01-09-2015 20:51:04)
Running from C:\Users\ROBASS\Desktop
Loaded Profiles: ROBASS (Available Profiles: ROBASS)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(forum.viry.cz) C:\Users\ROBASS\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-2009324788-340054426-501186564-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2009324788-340054426-501186564-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53661824 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2009324788-340054426-501186564-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-2009324788-340054426-501186564-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts-x32: Group Policy detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 188.75.128.188 10.0.150.150 192.168.0.1
Tcpip\..\Interfaces\{2454BC51-DE58-4BC7-844A-1BF98C8D497E}: [DhcpNameServer] 188.75.128.188 10.0.150.150 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,SearchURL = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-2009324788-340054426-501186564-1000 -> {57948012-FF93-4DB1-A551-5C8D17ECAB84} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\ROBASS\AppData\Roaming\Mozilla\Firefox\Profiles\6pmsaupi.default-1440538516283
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-02-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-02-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin HKU\S-1-5-21-2009324788-340054426-501186564-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\ROBASS\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-23]
CHR Extension: (Google Docs) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-16]
CHR Extension: (Google Drive) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-16]
CHR Extension: (YouTube) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-16]
CHR Extension: (Google Search) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-16]
CHR Extension: (Google Sheets) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-23]
CHR Extension: (AdBlock) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-08-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-16]
CHR Extension: (Gmail) - C:\Users\ROBASS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-16]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-01-17] (Microsoft Corporation) [File not signed]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-21] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-08] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
S3 ET5Drv; C:\Windows\ET5Drv.sys [36416 2007-10-16] (Windows (R) Codename Longhorn DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-02-10] ()
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-10-21] (Microsoft Corporation) [File not signed]
S3 ALSysIO; \??\D:\TEMP\ALSysIO64.sys [X]
S3 cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [X]
S3 MarkFun_NT; \??\C:\Program Files (x86)\GIGABYTE\ET5Pro\markfun.a64 [X]
S3 slicedisk.sys; \??\C:\Windows\system32\slicedisk.sys [X]
S3 SliceDisk5; \??\C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\ROBASS\Desktop\REAL TEMP\WinRing0x64.sys [X]
S1 {7929dd67-6f70-43ee-9cc7-c3b1ebca3d6c}Gw64; system32\drivers\{7929dd67-6f70-43ee-9cc7-c3b1ebca3d6c}Gw64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-01 20:50 - 2015-09-01 20:50 - 00015327 _____ C:\Users\ROBASS\Desktop\LM.bat
2015-09-01 18:30 - 2015-09-01 18:31 - 00000000 ____D C:\AdwCleaner
2015-09-01 18:28 - 2015-09-01 18:28 - 01654272 _____ C:\Users\ROBASS\Desktop\adwcleaner_5.005.exe
2015-09-01 17:29 - 2015-09-01 20:51 - 00013121 _____ C:\Users\ROBASS\Desktop\FRST.txt
2015-09-01 17:28 - 2015-09-01 20:51 - 00000000 ____D C:\FRST
2015-09-01 17:27 - 2015-09-01 17:27 - 00112640 _____ (forum.viry.cz) C:\Users\ROBASS\Desktop\FRSTLauncher.exe
2015-09-01 15:11 - 2015-09-01 15:11 - 02188800 _____ (Farbar) C:\Users\ROBASS\Desktop\FRST64.exe
2015-09-01 15:03 - 2015-09-01 15:03 - 00020578 _____ C:\Windows\Minidump.rar
2015-09-01 14:59 - 2015-09-01 14:59 - 474810555 _____ C:\Windows\MEMORY.DMP
2015-09-01 14:59 - 2015-09-01 14:59 - 00290336 _____ C:\Windows\Minidump\090115-19734-01.dmp
2015-09-01 14:59 - 2015-09-01 14:59 - 00000000 ____D C:\Windows\Minidump
2015-08-31 21:18 - 2015-08-31 21:21 - 00000000 ____D C:\Users\ROBASS\Desktop\31.8.2015 Kobylka
2015-08-30 17:43 - 2015-09-01 20:49 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-30 17:43 - 2015-09-01 19:48 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-30 17:43 - 2015-08-30 17:43 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-30 17:43 - 2015-08-30 17:43 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-29 22:02 - 2015-08-29 22:02 - 00000000 ____D C:\Users\ROBASS\Desktop\27.8. U našich, Anet papa video
2015-08-29 22:00 - 2015-08-29 22:01 - 00000000 ____D C:\Users\ROBASS\Desktop\26.8. Otevřená ulice(tatky)
2015-08-29 21:58 - 2015-08-29 21:59 - 00000000 ____D C:\Users\ROBASS\Desktop\29.8. Kostel večer
2015-08-29 21:57 - 2015-09-01 18:48 - 00000000 ____D C:\Users\ROBASS\Desktop\29.8. Pouť
2015-08-27 13:03 - 2015-08-27 13:03 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\Sun
2015-08-27 13:03 - 2015-08-27 13:03 - 00000000 ____D C:\Users\ROBASS\.oracle_jre_usage
2015-08-27 13:01 - 2015-08-27 13:08 - 00000000 ____D C:\Users\ROBASS\Desktop\26.8. Otevrena ulice, kostel, zahrada
2015-08-19 10:42 - 2015-09-01 16:26 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-08-16 14:07 - 2015-08-28 18:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-16 13:30 - 2015-08-16 13:30 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-13 19:34 - 2015-09-01 20:49 - 00005338 _____ C:\Windows\setupact.log
2015-08-13 19:34 - 2015-09-01 16:26 - 00141524 _____ C:\Windows\PFRO.log
2015-08-13 19:34 - 2015-08-13 19:34 - 00000000 _____ C:\Windows\setuperr.log
2015-08-11 19:35 - 2015-09-01 20:50 - 00045280 _____ C:\Windows\WindowsUpdate.log
2015-08-11 16:09 - 2015-08-29 10:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-11 16:09 - 2015-08-11 16:09 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-11 16:09 - 2015-08-11 16:09 - 00001150 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-11 14:19 - 2015-08-11 14:19 - 00242984 _____ C:\Users\ROBASS\Downloads\Firefox Setup Stub 39.0.3.exe
2015-08-11 13:46 - 2015-08-11 13:46 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-11 13:46 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-07 15:32 - 2015-08-29 20:27 - 00000000 ____D C:\Users\ROBASS\Desktop\Nová složka (4)
2015-08-04 17:37 - 2015-08-04 17:37 - 00563296 _____ (Oracle Corporation) C:\Users\ROBASS\Downloads\jre-8u51-windows-i586-iftw.exe
2015-08-04 14:27 - 2015-08-04 14:27 - 05309440 _____ (MaLee) C:\Users\ROBASS\Downloads\ANO.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-01 20:51 - 2014-05-08 01:15 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\Skype
2015-09-01 20:49 - 2014-02-24 17:04 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-01 20:49 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-01 20:15 - 2015-01-28 02:40 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-01 19:04 - 2014-10-30 22:31 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\vlc
2015-09-01 18:40 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-01 18:40 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-01 16:26 - 2009-07-14 06:45 - 00468464 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-01 16:24 - 2014-02-07 01:00 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\Panda Security
2015-09-01 16:24 - 2014-02-07 01:00 - 00000000 ____D C:\ProgramData\Panda Security
2015-08-28 15:25 - 2014-03-05 20:21 - 00695664 _____ C:\Windows\system32\perfh019.dat
2015-08-28 15:25 - 2014-03-05 20:21 - 00141320 _____ C:\Windows\system32\perfc019.dat
2015-08-28 15:25 - 2011-04-12 10:34 - 00650908 _____ C:\Windows\system32\perfh005.dat
2015-08-28 15:25 - 2011-04-12 10:34 - 00134296 _____ C:\Windows\system32\perfc005.dat
2015-08-28 15:25 - 2009-07-14 07:13 - 02369470 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-27 21:13 - 2014-05-08 01:15 - 00000000 ____D C:\ProgramData\Skype
2015-08-27 13:04 - 2014-12-12 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-27 13:04 - 2014-01-17 21:38 - 00000000 ____D C:\ProgramData\Oracle
2015-08-27 13:04 - 2014-01-17 21:38 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-27 13:03 - 2014-01-17 21:38 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-27 13:03 - 2014-01-17 13:04 - 00000000 ____D C:\Users\ROBASS
2015-08-25 23:35 - 2014-05-16 02:16 - 00000000 ____D C:\Users\ROBASS\Desktop\Původní data aplikace Firefox
2015-08-25 12:13 - 2012-07-31 20:04 - 00000000 ____D C:\Users\ROBASS\Desktop\Fotky
2015-08-25 12:01 - 2014-05-16 02:06 - 00002186 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-16 13:30 - 2014-01-17 19:57 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-16 13:30 - 2014-01-17 19:57 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-11 16:29 - 2014-05-10 01:25 - 00000000 ____D C:\Users\ROBASS\AppData\Roaming\uTorrent
2015-08-11 14:33 - 2014-03-18 22:06 - 00000000 ____D C:\Program Files (x86)\HTC
2015-08-11 14:31 - 2015-05-25 20:25 - 00000000 ____D C:\Program Files\Fotolab
2015-08-11 13:46 - 2014-05-11 20:28 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-06 22:47 - 2015-07-12 21:21 - 00001226 _____ C:\Users\ROBASS\Desktop\presnidavky.txt
2015-08-04 17:40 - 2014-05-10 02:09 - 00000000 ____D C:\ProgramData\Adobe
2015-08-04 14:28 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
==================== Files in the root of some directories =======
2015-09-01 20:50 - 2015-09-01 20:50 - 0029696 _____ () C:\Users\ROBASS\AppData\Local\MSGBOX.EXE
2015-05-21 16:12 - 2015-05-21 16:12 - 0000000 _____ () C:\Users\ROBASS\AppData\Local\{43B31F9C-1B1C-4755-B451-D1320849670C}
2014-01-28 08:55 - 2014-01-28 08:55 - 0000000 _____ () C:\ProgramData\0x0304A000.sfl
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2014-01-26 18:11] - [2013-10-21 07:36] - 4656640 ____A (Microsoft Corporation) CD23B721288CB741EBD3380D57F0600F
C:\Windows\SysWOW64\explorer.exe
[2013-10-21 07:36] - [2013-10-21 07:36] - 4298240 ____A (Microsoft Corporation) 0AC4BD54CDEC7679FA5ECC826BD96120
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-01 14:55
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (HDD) (Fixed) (Total:148.95 GB) (Free:61.66 GB) NTFS
Drive d: (ZALOHA) (Fixed) (Total:465.76 GB) (Free:265.72 GB) NTFS
Drive k: (Verbatim HDD) (Fixed) (Total:931.51 GB) (Free:690.73 GB) NTFS
Available physical RAM: 4742.82 MB
Total physical RAM: 6142.49 MB
Percentage of memory in use: 22%
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Padání Firefoxu, někdy modrá smrt PC
Mělo by to být OK. Pokud by se to opakovalo, zkuste tu druhou možnost.
Otevřte poznámkový blok a zkopírujte do něj:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
GroupPolicyScripts-x32: Group Policy detected <======= ATTENTION
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,SearchURL = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
FF Plugin HKU\S-1-5-21-2009324788-340054426-501186564-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\ROBASS\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
C:\ProgramData\0x0304A000.sfl
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Padání Firefoxu, někdy modrá smrt PC
Fix result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by ROBASS (2015-09-01 23:24:11) Run:1
Running from C:\Users\ROBASS\Desktop
Loaded Profiles: ROBASS (Available Profiles: ROBASS)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
GroupPolicyScripts-x32: Group Policy detected <======= ATTENTION
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,SearchURL = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
FF Plugin HKU\S-1-5-21-2009324788-340054426-501186564-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\ROBASS\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
C:\ProgramData\0x0304A000.sfl
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
C:\Windows\SysWOW64\GroupPolicy\Machine => moved successfully
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main\\SearchURL => value removed successfully
"HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin" => key removed successfully
C:\Users\ROBASS\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => not found.
C:\ProgramData\0x0304A000.sfl => moved successfully
The system needed a reboot..
==== End of Fixlog 23:24:11 ====
Ran by ROBASS (2015-09-01 23:24:11) Run:1
Running from C:\Users\ROBASS\Desktop
Loaded Profiles: ROBASS (Available Profiles: ROBASS)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
GroupPolicyScripts-x32: Group Policy detected <======= ATTENTION
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main,SearchURL = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
FF Plugin HKU\S-1-5-21-2009324788-340054426-501186564-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\ROBASS\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
C:\ProgramData\0x0304A000.sfl
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
C:\Windows\SysWOW64\GroupPolicy\Machine => moved successfully
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully
HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\Microsoft\Internet Explorer\Main\\SearchURL => value removed successfully
"HKU\S-1-5-21-2009324788-340054426-501186564-1000\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin" => key removed successfully
C:\Users\ROBASS\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => not found.
C:\ProgramData\0x0304A000.sfl => moved successfully
The system needed a reboot..
==== End of Fixlog 23:24:11 ====
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Padání Firefoxu, někdy modrá smrt PC
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Padání Firefoxu, někdy modrá smrt PC
Tak zatím modrá smrt nebyla, uvidím za dýl 
, ale Firefox padá neustále nechápu proč.
, ale Firefox padá neustále nechápu proč.-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Padání Firefoxu, někdy modrá smrt PC
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?