Kontrola logu + vyčištění

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Uživatelský avatar
extrem
Level 4
Level 4
Příspěvky: 1256
Registrován: leden 15
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu + vyčištění

Příspěvekod extrem » 11 lis 2015 16:51

Ještě k tomu MemTestu , mám 3 GB RAM , což je 3072 MB ? Když to tam zadám , tak mě to nepustí.
Ryzen 5 5600, RX 6600XT. 16GB 3200 Mhz

Reklama
Uživatelský avatar
Orcus
člen Security týmu
Elite Level 10.5
Elite Level 10.5
Příspěvky: 10645
Registrován: duben 10
Bydliště: Okolo rostou 3 růže =o)
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu + vyčištění

Příspěvekod Orcus » 11 lis 2015 18:15

Disk ok, teploty OK. U memtestu - píše Ti to nějakou maximální hodnotu, kterou to povolí, takže spusíš memtest současně tolikrát, aby jsi zaplnil kompletně RAM. Pokud nabízí 1536 MB, tak spustíš dvakrát, pokud 1024 tak 3x, atd.
Láska hřeje, ale uhlí je uhlí. :fire:



Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.

Pár rad k bezpečnosti PC.

Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix

Pokud budete spokojeni , můžete podpořit naše fórum.

Uživatelský avatar
extrem
Level 4
Level 4
Příspěvky: 1256
Registrován: leden 15
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu + vyčištění

Příspěvekod extrem » 11 lis 2015 18:17

Dobře , jdu na to. :)
Ryzen 5 5600, RX 6600XT. 16GB 3200 Mhz

Uživatelský avatar
extrem
Level 4
Level 4
Příspěvky: 1256
Registrován: leden 15
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu + vyčištění

Příspěvekod extrem » 12 lis 2015 10:55

Memtest bez chyb. Ještě doplním , že jsem si všiml jedné věci. Když se mi ten ntb začne sekat tak jen třeba prohlížeč , ale u hry mi to FPS neubere.
Ryzen 5 5600, RX 6600XT. 16GB 3200 Mhz

Uživatelský avatar
Orcus
člen Security týmu
Elite Level 10.5
Elite Level 10.5
Příspěvky: 10645
Registrován: duben 10
Bydliště: Okolo rostou 3 růže =o)
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu + vyčištění

Příspěvekod Orcus » 12 lis 2015 15:23

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Láska hřeje, ale uhlí je uhlí. :fire:



Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.

Pár rad k bezpečnosti PC.

Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix

Pokud budete spokojeni , můžete podpořit naše fórum.

Uživatelský avatar
extrem
Level 4
Level 4
Příspěvky: 1256
Registrován: leden 15
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu + vyčištění

Příspěvekod extrem » 12 lis 2015 15:34

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Omi (administrator) on OMI-PC (12-11-2015 15:27:00)
Running from C:\Users\Omi\Desktop
Loaded Profiles: Omi (Available Profiles: Omi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.3\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.43\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.168\deploy\LolClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-19] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2015-02-10] ()
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-05] (Acer Incorporated)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKU\S-1-5-21-2737042915-4269745475-1994003038-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-2737042915-4269745475-1994003038-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 84.16.120.1 84.16.96.2
Tcpip\..\Interfaces\{484C459F-8045-45C0-B14A-426E4A2EF2DA}: [DhcpNameServer] 84.16.120.1 84.16.96.2

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2737042915-4269745475-1994003038-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2737042915-4269745475-1994003038-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-2737042915-4269745475-1994003038-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2737042915-4269745475-1994003038-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-10] (Oracle Corporation)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-10] (Oracle Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Omi\AppData\Roaming\Mozilla\Firefox\Profiles\5fx9ip06.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-10] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-02-06] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2737042915-4269745475-1994003038-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Omi\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1503240-0-npoctoshape.dll [2015-03-24] (Octoshape ApS)
FF Plugin HKU\S-1-5-21-2737042915-4269745475-1994003038-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Omi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Users\Omi\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2015-07-13] (Octoshape ApS)

Chrome:
=======
CHR Profile: C:\Users\Omi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-08]
CHR Extension: (Dokumenty Google) - C:\Users\Omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-08]
CHR Extension: (Disk Google) - C:\Users\Omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-08]
CHR Extension: (YouTube) - C:\Users\Omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-08]
CHR Extension: (Vyhledávání Google) - C:\Users\Omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-08]
CHR Extension: (Tabulky Google) - C:\Users\Omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-08]
CHR Extension: (Gmail) - C:\Users\Omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2505472 2015-10-09] (ESET)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-04-26] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [214520 2015-04-26] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264040 2015-09-23] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [186784 2015-09-23] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [170792 2015-09-23] (ESET)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2015-02-10] () [File not signed]
U3 a49zv5k2; C:\Windows\System32\Drivers\a49zv5k2.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-12 15:27 - 2015-11-12 15:28 - 00013405 _____ C:\Users\Omi\Desktop\FRST.txt
2015-11-12 15:26 - 2015-11-12 15:27 - 00000000 ____D C:\FRST
2015-11-12 15:26 - 2015-11-12 15:26 - 00000000 ____D C:\Users\Omi\Desktop\FRST-OlderVersion
2015-11-11 18:34 - 2015-11-12 08:31 - 00000112 _____ C:\Windows\setupact.log
2015-11-11 18:34 - 2015-11-11 18:34 - 00000000 _____ C:\Windows\setuperr.log
2015-11-11 16:35 - 2015-11-11 16:35 - 00015201 _____ C:\Users\Omi\Downloads\MemTest (1).zip
2015-11-11 16:29 - 2015-11-11 16:29 - 00025553 _____ C:\Users\Omi\Desktop\HWMonitor.txt
2015-11-11 16:24 - 2015-11-11 16:24 - 00105404 _____ C:\Users\Omi\Documents\cc_20151111_162350.reg
2015-11-10 17:33 - 2015-11-10 17:34 - 00201728 _____ (OldTimer Tools) C:\Users\Omi\Downloads\OTC.exe
2015-11-10 16:46 - 2015-11-10 16:47 - 05200384 _____ (AVAST Software) C:\Users\Omi\Downloads\aswmbr.exe
2015-11-10 16:33 - 2015-11-10 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-11-10 16:33 - 2015-11-10 16:33 - 00000000 ____D C:\ProgramData\ESET
2015-11-10 16:04 - 2015-11-10 16:06 - 02838216 _____ (ESET) C:\Users\Omi\Downloads\eset_nod32_antivirus_live_installer.exe
2015-11-09 18:43 - 2015-11-09 18:43 - 05638248 _____ (Swearware) C:\Users\Omi\Downloads\ComboFix.exe
2015-11-08 09:18 - 2015-11-10 17:36 - 00000000 ____D C:\Qoobox
2015-11-08 09:14 - 2015-11-08 08:52 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-11-08 08:53 - 2015-11-08 09:16 - 00008764 _____ C:\zoek-results.log
2015-11-08 08:52 - 2015-11-08 08:52 - 00000000 ____D C:\zoek_backup
2015-11-04 17:13 - 2015-11-08 08:38 - 00000000 ____D C:\AdwCleaner
2015-11-04 17:13 - 2015-11-04 17:13 - 01708032 _____ C:\Users\Omi\Downloads\adwcleaner_5.017.exe
2015-11-04 17:11 - 2015-11-10 16:29 - 00008536 _____ C:\Users\Omi\Downloads\hijackthis.log
2015-11-04 17:10 - 2015-11-04 17:10 - 00388608 _____ (Trend Micro Inc.) C:\Users\Omi\Downloads\HijackThis.exe
2015-11-01 17:56 - 2015-11-01 17:56 - 00448512 _____ (OldTimer Tools) C:\Users\Omi\Downloads\TFC.exe
2015-10-13 14:29 - 2015-10-13 14:29 - 00781312 _____ C:\Users\Omi\Downloads\delfix_1.011.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-12 15:26 - 2015-09-12 18:11 - 02198528 _____ (Farbar) C:\Users\Omi\Desktop\FRST64.exe
2015-11-12 15:26 - 2015-03-27 19:44 - 00000000 ____D C:\Users\Omi\Desktop\System
2015-11-12 12:29 - 2015-05-26 19:32 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-12 08:39 - 2009-07-14 05:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-12 08:39 - 2009-07-14 05:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-12 08:38 - 2015-02-10 04:44 - 00665944 _____ C:\Windows\system32\perfh005.dat
2015-11-12 08:38 - 2015-02-10 04:44 - 00139608 _____ C:\Windows\system32\perfc005.dat
2015-11-12 08:38 - 2009-07-14 06:13 - 01575230 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-12 08:31 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-11 20:11 - 2015-02-11 21:39 - 01329338 _____ C:\Windows\WindowsUpdate.log
2015-11-11 16:35 - 2015-02-10 20:26 - 00000000 ____D C:\Users\Omi\AppData\Local\Apps\2.0
2015-11-10 16:33 - 2015-05-09 07:55 - 00000000 ____D C:\Program Files\ESET
2015-11-10 16:24 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-11-10 16:23 - 2015-06-13 18:30 - 00000000 ____D C:\Windows\erdnt
2015-11-08 08:41 - 2015-06-06 15:58 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-11-04 17:17 - 2015-06-06 14:41 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-31 12:04 - 2015-08-15 11:44 - 00000000 ____D C:\Users\Omi\AppData\Roaming\TS3Client
2015-10-31 12:04 - 2015-02-10 21:07 - 00000000 ____D C:\Users\Omi\AppData\Roaming\DAEMON Tools Lite
2015-10-21 18:46 - 2015-03-27 19:45 - 00000000 ____D C:\Users\Omi\Desktop\Škola
2015-10-19 17:54 - 2015-04-21 14:00 - 00000000 ____D C:\Users\Omi\AppData\Roaming\.minecraft
2015-10-15 19:06 - 2015-02-18 19:17 - 00000000 ____D C:\Users\Omi\Desktop\Hry
2015-10-13 18:13 - 2015-02-23 12:26 - 00000000 ____D C:\Users\Omi\Documents\FIFA 14
2015-10-13 14:30 - 2015-06-06 17:27 - 00001799 _____ C:\DelFix.txt
2015-10-13 14:26 - 2015-06-06 17:25 - 00000000 ____D C:\Users\Omi\Downloads\backups

==================== Files in the root of some directories =======

2015-07-03 16:50 - 2015-07-04 19:24 - 0005632 _____ () C:\Users\Omi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-03 13:00 - 2015-10-03 08:27 - 0007605 _____ () C:\Users\Omi\AppData\Local\resmon.resmoncfg
2015-02-10 19:35 - 2015-02-10 19:39 - 0007823 _____ () C:\ProgramData\ArcadeDeluxe3.log
2015-02-10 20:08 - 2015-02-10 20:09 - 0000091 _____ () C:\ProgramData\PS.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-22 19:07

==================== End of FRST.txt ============================
Ryzen 5 5600, RX 6600XT. 16GB 3200 Mhz

Uživatelský avatar
extrem
Level 4
Level 4
Příspěvky: 1256
Registrován: leden 15
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu + vyčištění

Příspěvekod extrem » 12 lis 2015 15:34

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Omi (2015-11-12 15:30:55)
Running from C:\Users\Omi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-02-09 19:45:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2737042915-4269745475-1994003038-500 - Administrator - Disabled)
Guest (S-1-5-21-2737042915-4269745475-1994003038-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2737042915-4269745475-1994003038-1002 - Limited - Enabled)
Omi (S-1-5-21-2737042915-4269745475-1994003038-1000 - Administrator - Enabled) => C:\Users\Omi

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 9.0.318.22 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 9.0.318.22 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1.0 (HKLM-x32\...\Saint Row_is1) (Version: - )
Acer Crystal Eye webcam Ver:1.1.74.216 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.74.216 - Chicony Electronics Co.,Ltd.)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3002 - Acer Incorporated)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.5.0715 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Asistent pro přihlášení ke službě Windows Live (HKLM-x32\...\{3E62B27C-342F-4B44-9331-CA4BC59A586F}) (Version: 5.000.818.5 - Microsoft Corporation)
ATI AVIVO64 Codecs (Version: 10.7.0.40702 - ATI Technologies Inc.) Hidden
Broadcom Gigabit NetLink Controller (HKLM\...\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}) (Version: 12.26.02 - Broadcom Corporation)
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 2 Patch 1.3 (HKLM-x32\...\{C13E90B0-4E1C-11DB-6784-0152EAA218BE}) (Version: 1.3 - Activision)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Centrum zařízení Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
CoD 2 čeština (HKLM-x32\...\CoD 2 čeština_is1) (Version: - #'Pan[S]al!er!)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CrystalDiskInfo 6.5.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.5.2 - Crystal Dew World)
Dark Shadows - Army of Evil (HKLM-x32\...\Steam App 280640) (Version: - Burian Media Enterprises)
DynavixManager.exe (HKU\S-1-5-21-2737042915-4269745475-1994003038-1000\...\fed084c560db576b) (Version: 2.6.4.0 - Dynavix)
ESET NOD32 Antivirus (HKLM\...\{498EFBC0-331B-4722-ABD0-B787BA8FE94C}) (Version: 9.0.318.22 - ESET, spol. s r.o.)
Euro Truck Simulator 2 - v1.10.1.18s + 13xDLC (HKLM-x32\...\Euro Truck Simulator 2_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
GTA San Andreas (HKLM-x32\...\GTA San Andreas) (Version: - )
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated)
Infinite HD™ App (HKU\S-1-5-21-2737042915-4269745475-1994003038-1000\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.04 - Acer Inc.)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation)
Mafia II (HKLM-x32\...\Mafia II_is1) (Version: - )
Malwarebytes Anti-Malware verze 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}) (Version: 2.0.675.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{FD052FB9-FE90-4438-B355-15EDC89D8FB1}) (Version: 2.0.673.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{99D7DE4C-2775-4B16-B155-7F09AE939E8E}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 cs)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nástroj pro odesílání služby Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
NHL® 09 (HKLM-x32\...\{F2B5A2A7-2DF9-4361-8BD5-362714528B51}) (Version: 2.0.1.0 - Electronic Arts)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6619 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6619 - NewTech Infosystems) Hidden
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Polda V (HKLM-x32\...\Polda V_is1) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Racer 8 (HKLM-x32\...\Steam App 292380) (Version: - 30.06 Studios Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Shower With Your Dad Simulator 2015: Do You Still Shower With Your Dad (HKLM-x32\...\Steam App 359050) (Version: - marbenx)
Software Bluetooth WIDCOMM (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9700 - Broadcom)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{045A5B69-F66C-4EC0-AF2F-47256237DBC8}) (Version: 6.1.4.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version: - Nadeo)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{E570CB6B-1CBC-4ADD-969F-7B3338A6BDB6}) (Version: 14.0.8064.206 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

13-10-2015 14:30:02 End of disinfection
22-10-2015 19:14:58 Naplánovaný kontrolní bod
05-11-2015 16:09:48 JRT Pre-Junkware Removal
08-11-2015 08:53:10 zoek.exe restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-11-10 16:24 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {4A54AE1C-774D-4D2D-90A6-5F1FB1FB5D7A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Loaded Modules (Whitelisted) ==============

2015-03-20 15:20 - 2015-04-26 15:11 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-03-20 15:20 - 2015-04-26 15:19 - 00214520 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-10 19:34 - 2015-02-10 19:33 - 00200704 _____ () C:\Windows\PLFSetI.exe
2015-01-21 03:06 - 2015-01-21 03:06 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2014-01-21 16:54 - 2015-02-20 17:05 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2015-11-11 16:53 - 2015-11-11 16:53 - 02307576 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.3\deploy\LoLLauncher.exe
2015-11-11 16:54 - 2015-11-11 16:54 - 04147192 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.43\deploy\LoLPatcher.exe
2015-02-21 08:14 - 2015-02-21 08:14 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.168\deploy\LolClient.exe
2015-08-28 15:03 - 2015-10-05 17:18 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-08-28 15:02 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-08-28 15:02 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-08-28 15:02 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-08-28 15:03 - 2015-10-14 21:56 - 02423376 _____ () C:\Program Files (x86)\Steam\video.dll
2015-08-28 15:02 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-08-28 15:02 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-08-28 15:02 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-08-28 15:02 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-08-28 15:02 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-08-28 15:02 - 2015-10-14 21:56 - 00705104 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-08-28 15:02 - 2015-10-09 19:13 - 00193024 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-08-28 15:02 - 2015-10-08 23:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-08-28 15:02 - 2015-09-25 00:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2015-11-11 16:54 - 2015-11-11 16:54 - 01451512 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.43\deploy\RiotLauncher.dll
2015-09-30 15:23 - 2015-09-30 15:23 - 04885152 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.168\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2015-09-10 19:09 - 2015-08-28 01:17 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
2015-09-10 19:09 - 2015-08-28 01:17 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libegl.dll
2015-10-22 16:46 - 2015-10-15 12:20 - 16493256 _____ () C:\Users\Omi\AppData\Local\Google\Chrome\User Data\PepperFlash\19.0.0.226\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2737042915-4269745475-1994003038-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Omi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 84.16.120.1 - 84.16.96.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: RGSC => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A5A48B92-8A06-46CC-AB98-D30EDF70F628}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{D8AABB03-CA8D-478A-9763-5281D43A0491}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{709F98C6-1B56-469C-AA7C-7E33F537B2FB}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{0DB6F52F-2488-4615-B42D-CC238964C6BE}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{D8FF774B-7113-4BD9-B597-4E6F9FD217AE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{256FC14F-72BC-4DC0-A45A-F39B20CEC009}] => (Allow) svchost.exe
FirewallRules: [{309A8064-43AA-407F-8BB9-CFD8C1BAFD9E}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{65A04E88-CDB2-4236-8590-08F2FC39FC01}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{1CA8ED65-5073-47F1-9C87-65A006326CF3}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{57F55F22-52E8-4D83-BDCC-226A692144CC}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{9A11B8E1-B356-4B56-8D7E-ACEBE6B94933}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{0036CB1F-AC7F-46AD-A1D8-555AB93F3457}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\GTAIV.exe
FirewallRules: [{1D0E2DD4-D171-48EC-B5AF-DE218F7796A2}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\GTAIV.exe
FirewallRules: [{8929B1AE-AAB9-47FF-9145-39A770D54C72}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2B1F49B4-0895-45B0-8F20-A40BFDE2C1A9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{318E1FAB-CCDD-4825-B0CF-0B81DF5F8E76}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A54AB5A5-C727-4D40-B762-4E4837E4A34D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{492BC00A-3C36-4D18-839D-2BDE29211252}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 2\cod2mp_s.exe
FirewallRules: [{FBDCF1B4-15AF-4B34-87C2-7EDE5C799C8E}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 2\cod2mp_s.exe
FirewallRules: [{FDF5C67F-6593-4E92-9D6A-F1B58D17BDA6}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 2\cod2mp_s.exe
FirewallRules: [{A496771C-CB2D-441F-8493-BBC78F5C7E45}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 2\cod2mp_s.exe
FirewallRules: [{4576C28F-6192-4892-AE7B-82D71DCF9743}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 2\cod2sp_s.exe
FirewallRules: [{0FA50442-7737-4C0B-8C9E-5D0C2B233B85}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 2\cod2sp_s.exe
FirewallRules: [{2EC72C8A-C766-4D62-954B-EA9E158308EC}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 2\cod2sp_s.exe
FirewallRules: [{79E586E4-ECB6-4108-8EFD-25ADBD3B043E}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 2\cod2sp_s.exe
FirewallRules: [{C7986C06-FE63-4C4E-95BA-A5257D19E578}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E904847B-3D98-44FF-8EF8-8B23CF993807}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8CD8A245-87AE-4488-B18C-50A6C1892D30}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{516E7CE3-2CEA-423A-A670-4698F53A3080}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7C163899-B08F-424F-BC48-CCA2EFC946BA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{44166EE2-76EC-4C88-BA5E-5E74304DFDA2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7F7C37C0-59C7-4808-8412-B202B954B618}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{954D0D34-E599-4184-867E-5A0B609AB680}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{EA407B31-E72C-4E47-8F3B-73D44945D3C4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EE412F5F-856A-48A7-AB24-9CAA42AAC219}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{A17229A4-EA20-47AF-A5A5-FE59EEB3FA6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{9D30D847-25F8-4438-B97F-5A576F4C50F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{D485F925-A9DE-457F-B9FF-1F3165ED8D1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{0A289FD9-6DD2-436D-8DC9-111B7DEA42A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Showerdad\SHOWERDAD.exe
FirewallRules: [{F37A6F4C-0339-4D5D-BAD0-4A5C747267F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Showerdad\SHOWERDAD.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/12/2015 12:05:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Server RPC nemůže tuto operaci provést, protože je příliš zaneprázdněn.
.

Error: (11/12/2015 12:05:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Server RPC nemůže tuto operaci provést, protože je příliš zaneprázdněn.
.

Error: (11/12/2015 12:05:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Server RPC nemůže tuto operaci provést, protože je příliš zaneprázdněn.
.

Error: (11/12/2015 12:05:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Server RPC nemůže tuto operaci provést, protože je příliš zaneprázdněn.
.

Error: (11/12/2015 08:33:10 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Server RPC nemůže tuto operaci provést, protože je příliš zaneprázdněn.
.

Error: (11/12/2015 08:33:10 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Server RPC nemůže tuto operaci provést, protože je příliš zaneprázdněn.
.

Error: (11/12/2015 08:33:10 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Server RPC nemůže tuto operaci provést, protože je příliš zaneprázdněn.
.

Error: (11/12/2015 08:33:10 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Server RPC nemůže tuto operaci provést, protože je příliš zaneprázdněn.
.

Error: (11/12/2015 08:33:10 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Server RPC nemůže tuto operaci provést, protože je příliš zaneprázdněn.
.

Error: (11/12/2015 08:33:10 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Server RPC nemůže tuto operaci provést, protože je příliš zaneprázdněn.
.


System errors:
=============
Error: (11/12/2015 02:16:54 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (11/12/2015 01:11:50 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (11/12/2015 01:11:50 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (11/12/2015 01:11:50 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (11/12/2015 11:49:54 AM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (11/12/2015 11:49:54 AM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (11/11/2015 06:34:28 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (18:30:22, ‎11.‎11.‎2015) bylo neočekávané.

Error: (11/11/2015 06:07:13 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (11/11/2015 06:07:01 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (11/11/2015 06:07:01 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.


CodeIntegrity:
===================================
Date: 2015-11-10 16:17:35.797
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-10 16:17:35.781
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-10 16:17:35.766
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-10 16:17:35.750
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-09 18:46:45.721
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-09 18:46:45.706
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-09 18:46:45.690
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-09 18:46:45.675
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-09 18:34:20.864
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-09 18:34:20.848
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
Percentage of memory in use: 73%
Total physical RAM: 3066.93 MB
Available physical RAM: 816.64 MB
Total Virtual: 6132.05 MB
Available Virtual: 2959.3 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:285.3 GB) (Free:164.71 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 91ED91ED)
Partition 1: (Not Active) - (Size=12.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Ryzen 5 5600, RX 6600XT. 16GB 3200 Mhz

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu + vyčištění

Příspěvekod jaro3 » 12 lis 2015 17:25

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2737042915-4269745475-1994003038-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-2737042915-4269745475-1994003038-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2737042915-4269745475-1994003038-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
extrem
Level 4
Level 4
Příspěvky: 1256
Registrován: leden 15
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu + vyčištění

Příspěvekod extrem » 12 lis 2015 17:51

Fix result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Omi (2015-11-12 17:45:16) Run:1
Running from C:\Users\Omi\Desktop
Loaded Profiles: Omi (Available Profiles: Omi)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2737042915-4269745475-1994003038-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-2737042915-4269745475-1994003038-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2737042915-4269745475-1994003038-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-2737042915-4269745475-1994003038-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-21-2737042915-4269745475-1994003038-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-2737042915-4269745475-1994003038-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
EmptyTemp: => 738.1 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 17:46:39 ====
Ryzen 5 5600, RX 6600XT. 16GB 3200 Mhz

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu + vyčištění

Příspěvekod jaro3 » 13 lis 2015 09:24

Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

popiš problémy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
extrem
Level 4
Level 4
Příspěvky: 1256
Registrován: leden 15
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu + vyčištění

Příspěvekod extrem » 13 lis 2015 09:29

Ntb už nezamrzává , to je tedy vyřešeno. Akorát po startu se mi někdy začne sekat , začnou mi všechno Neodpovídat. Ještě jsem smazal pár nepotřebných souborů jako savy ze smazaných her , skype , atd.


# DelFix v1.011 - Logfile created 13/11/2015 at 09:27:41
# Updated 18/08/2015 by Xplode
# Username : Omi - OMI-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\zoek_backup
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #99 [End of disinfection | 10/13/2015 13:30:02]
Deleted : RP #100 [Naplánovaný kontrolní bod | 10/22/2015 18:14:58]
Deleted : RP #101 [JRT Pre-Junkware Removal | 11/05/2015 15:09:48]
Deleted : RP #102 [zoek.exe restore point | 11/08/2015 07:53:10]

New restore point created !

########## - EOF - ##########
Ryzen 5 5600, RX 6600XT. 16GB 3200 Mhz

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu + vyčištění

Příspěvekod jaro3 » 13 lis 2015 09:47

Stáhni si Memtest:

Políčko , ve kterém je napsáno:
All unused RAM -ponech , jak je.
-dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.


Ještě zkontrolovat HDD na chyby ,popř. zkusit jeho defragmentaci ..


Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 42 hostů