Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosim o kontrolu - pomaly NB...

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
peter1973
Návštěvník
Návštěvník
Příspěvky: 74
Registrován: 13 dub 2007 05:11

Prosim o kontrolu - pomaly NB...

#1 Příspěvek od peter1973 »

Chcel by som poprosit o kontrolu.
NB je pomaly a obcas nenastartuje.

Logy prikladam.
Dakujem

Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28.09.2018
Ran by ANONYM (administrator) on ANONYM-PC (02-10-2018 07:29:40)
Running from C:\Users\ANONYM\Downloads
Loaded Profiles: ANONYM (Available Profiles: ANONYM)
Platform: Microsoft® Windows Vista™ Home Basic  (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
() C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TOSHIBA CORPORATION.) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(TOSHIBA CORPORATION.) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(TOSHIBA CORPORATION.) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION.) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosOBEX.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(TOSHIBA CORPORATION.) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtProc.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\Integrator.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4349952 2007-01-18] (Realtek Semiconductor)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [411768 2006-12-19] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [55416 2006-12-07] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [513592 2007-02-21] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [534648 2007-01-17] (TOSHIBA Corporation)
HKLM\...\Run: [KeNotify] => C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34352 2006-11-06] ()
HKLM\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [413696 2006-11-01] (TOSHIBA Electronics, Inc.)
HKLM\...\Run: [SVPWUTIL] => C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [438272 2006-03-22] (TOSHIBA)
HKLM\...\Run: [topi] => C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [577536 2007-03-02] (TOSHIBA)
HKLM\...\Run: [NvSvc] => RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [180224 2006-09-11] (Alps Electric Co., Ltd.)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2007-04-19] (SUPERAntiSpyware.com)
HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\...\Run: [TOSCDSPD] => C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [413696 2007-03-06] (TOSHIBA)
HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [43984 2018-09-17] (Glarysoft Ltd)
HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\...0c966feabec1\InprocServer32: [Default-shell32]  ATTENTION
HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\...\InprocServer32: [Default-pngfilt]  <==== ATTENTION
HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\...A8F59079A8D5}\localserver32:  <==== ATTENTION
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [77824 2006-12-20] (SuperAdBlocker.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2007-10-30]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\Users\ANONYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk [2015-12-09]
ShortcutTarget: Serviio.lnk -> C:\Program Files\Serviio\bin\ServiioConsole.exe ()
BootExecute: autocheck autochk *  BootDefrag.exelsdelete

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{53F896C6-FF80-4734-B6E2-0AD7AD9FD556}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7D6C9F5D-98E8-4DED-A312-B08CA2FCD44D}: [DhcpNameServer] 195.146.128.60 195.146.132.59

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.sk/
SearchScopes: HKU\S-1-5-21-4232292955-1832228796-1118820972-1000 -> DefaultScope {4498A41A-2C7F-4CEF-B504-136533C3C7F1} URL = 
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18] (Adobe Systems Incorporated)
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.6.0\bin\ssv.dll [2007-03-27] (Sun Microsystems, Inc.)
Toolbar: HKU\S-1-5-21-4232292955-1832228796-1118820972-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {40272BF7-4FF5-4D6F-9BAD-3C1D3CB32982} hxxp://www.live365.com/players/p365vip.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-08-26] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll [2014-06-22] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2852 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2009-02-15] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2910 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2009-02-15] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2009-02-15] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-13] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-13] (Google Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Yahoo!\Common\npyaxmpb.dll [2006-11-03] (Yahoo! Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default [2018-10-02]
CHR Extension: (Prezentácie) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-13]
CHR Extension: (Dokumenty) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-13]
CHR Extension: (Disk Google) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-13]
CHR Extension: (Adblock Plus) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-09-19]
CHR Extension: (uBlock Origin) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-09-12]
CHR Extension: (Google Search) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-09]
CHR Extension: (Tabuľky) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-12]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-09-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (Gmail) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-15]
CHR crx: C:\Program Files\Google\Chrome\Application\46.0.2490.71\default_apps\search.crx [2015-10-09]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aawservice; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [611664 2008-07-20] (Lavasoft)
R2 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2006-11-14] (TOSHIBA CORPORATION) [File not signed]
S3 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit)
S3 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [327680 2015-03-21] () [File not signed]
S3 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [166880 2013-01-27] (Soluto)
S3 SolutoRemoteService; C:\Program Files\Soluto\SolutoRemoteService.exe [1239552 2013-01-27] (Soluto) [File not signed]
S3 SolutoService; C:\Program Files\Soluto\SolutoService.exe [553440 2013-01-27] (Soluto)
R2 TODDSrv; C:\Windows\system32\TODDSrv.exe [114688 2006-05-25] (TOSHIBA Corporation) [File not signed]
R2 TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [118784 2007-02-02] (TOSHIBA CORPORATION) [File not signed]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [265912 2007-11-04] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [16064 2014-06-16] (Glarysoft Ltd)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [25864 2018-09-19] (Glarysoft Ltd)
S4 IObitUnlocker; C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys [28016 2011-08-26] ()
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2008-03-23] (MCCI)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [5632 2006-10-10] () [File not signed]
S3 SASENUM; C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [4096 2006-02-16] (SuperAdBlocker, Inc.) [File not signed]
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [32256 2007-02-27] () [File not signed]
S0 Soluto; C:\Windows\System32\DRIVERS\Soluto.sys [51144 2013-01-27] (Soluto LTD.)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 TpChoice; system32\DRIVERS\TpChoice.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2008-05-02] () [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-02 07:29 - 2018-10-02 07:31 - 000015740 _____ C:\Users\ANONYM\Downloads\FRST.txt
2018-10-02 07:29 - 2018-10-02 07:29 - 001774080 _____ (Farbar) C:\Users\ANONYM\Downloads\FRST.exe
2018-10-02 07:29 - 2018-10-02 07:29 - 000000000 ____D C:\FRST
2018-09-28 11:24 - 2018-09-28 11:24 - 000138472 _____ C:\Windows\Minidump\Mini092818-01.dmp
2018-09-28 11:23 - 2018-09-28 11:24 - 179239427 _____ C:\Windows\MEMORY.DMP
2018-09-26 11:24 - 2018-09-26 11:24 - 000005224 _____ C:\Users\ANONYM\Desktop\v AdwCleaner[S00].txt
2018-09-24 23:02 - 2018-09-24 23:07 - 000000000 ____D C:\AdwCleaner
2018-09-24 23:00 - 2018-09-24 23:00 - 007571152 _____ (Malwarebytes) C:\Users\ANONYM\Downloads\adwcleaner_7.2.3.1.exe


==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-02 07:19 - 2006-11-02 14:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-10-02 07:19 - 2006-11-02 14:45 - 000003072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2018-10-02 07:19 - 2006-11-02 14:45 - 000003072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2018-10-02 07:04 - 2006-11-02 14:58 - 000032578 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-10-01 13:11 - 2014-06-28 18:24 - 000000000 ____D C:\Users\ANONYM\AppData\Roaming\DiskDefrag
2018-09-28 11:24 - 2010-10-03 12:59 - 000000000 ____D C:\Windows\Minidump
2018-09-24 23:07 - 2013-03-24 14:57 - 000000000 ____D C:\Users\ANONYM\AppData\LocalLow\IObit
2018-09-24 23:07 - 2012-08-12 18:53 - 000000000 ____D C:\ProgramData\IObit
2018-09-24 23:07 - 2012-08-12 18:51 - 000000000 ____D C:\Users\ANONYM\AppData\Roaming\IObit
2018-09-24 23:07 - 2009-12-26 16:59 - 000000000 ____D C:\Program Files\iolo
2018-09-19 22:58 - 2006-11-02 13:18 - 000000000 ____D C:\Windows\inf
2018-09-19 22:10 - 2014-06-28 18:22 - 000000000 ____D C:\Program Files\Glary Utilities 5
2018-09-19 22:09 - 2014-06-28 18:25 - 000000894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2018-09-19 22:09 - 2014-06-28 18:25 - 000000882 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2018-09-19 22:09 - 2014-06-28 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2018-09-19 22:09 - 2014-06-28 18:24 - 000025864 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2018-09-05 16:56 - 2018-08-31 12:15 - 000014003 _____ C:\Users\ANONYM\Desktop\skenuj.txt

==================== Files in the root of some directories =======

2007-10-27 18:32 - 2012-04-09 18:47 - 000138240 _____ () C:\Users\ANONYM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
2018-09-26 11:58 - 2018-10-02 07:23 - 000035224 _____ () C:\Users\ANONYM\AppData\Local\Temp\i4jdel0.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-02 07:27

==================== End of FRST.txt ============================

Kód: Vybrat vše

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.0
# -------------------------------
# Build:    08-30-2018
# Database:  (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    10-02-2018
# Duration: 00:01:57
# OS:       Windows Vista (TM) Home Basic
# Scanned:  41968
# Detected: 40


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

Adware.StartPage                HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\qwertysearch123.biz
Adware.StartPage                HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\quertysearch123.biz
PUP.Optional.DefaultSearch.ShrtCln HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\defaultsearch.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mywebsearch.net
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchnow.ws
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mysearchnow.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\youfindall.net
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\youfindall.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\hotbar.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\isearch.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\get-search.cc
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearchresults.net
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearcher.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearchbar.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearch247.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\whatsyoursearch.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\resultsyoursearch.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\crawlermachine.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\niceblowjob.info
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\fucknicepics.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\ifinditall.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\icanfindit.net
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\findit-now.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\clearask.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchengine2000.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\best-searchengine.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\adultdatingsearchengine.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\http602.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\you-search.com.ru
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\you-search.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bestcrawler.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\tangounion.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\search-web.us
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchoutlaw.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\digistreamsa.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchable-sex.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\securesurface.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\easy-search.net
PUP.Optional.SafeFinder         HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\startravelsnp.com
PUP.Optional.SearchProtect      HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchproject.net

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [5224 octets] - [24/09/2018 23:05:36]
AdwCleaner[C00].txt - [4682 octets] - [24/09/2018 23:08:01]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosim o kontrolu - pomaly NB...

#2 Příspěvek od Rudy »

Zdravím!
V ADW ještě klikněte na mazání, restartujte a dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

peter1973
Návštěvník
Návštěvník
Příspěvky: 74
Registrován: 13 dub 2007 05:11

Re: Prosim o kontrolu - pomaly NB...

#3 Příspěvek od peter1973 »

Kód: Vybrat vše

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.0
# -------------------------------
# Build:    08-30-2018
# Database:  (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-02-2018
# Duration: 00:00:25
# OS:       Windows Vista (TM) Home Basic
# Cleaned:  40
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\qwertysearch123.biz
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\quertysearch123.biz
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\defaultsearch.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mywebsearch.net
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchnow.ws
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mysearchnow.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\youfindall.net
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\youfindall.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\hotbar.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\isearch.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\get-search.cc
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearchresults.net
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearcher.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearchbar.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearch247.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\whatsyoursearch.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\resultsyoursearch.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\crawlermachine.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\niceblowjob.info
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\fucknicepics.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\ifinditall.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\icanfindit.net
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\findit-now.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\clearask.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchengine2000.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\best-searchengine.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\adultdatingsearchengine.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\http602.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\you-search.com.ru
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\you-search.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bestcrawler.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\tangounion.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\search-web.us
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchoutlaw.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\digistreamsa.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchable-sex.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\securesurface.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\easy-search.net
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\startravelsnp.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchproject.net

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5224 octets] - [24/09/2018 23:05:36]
AdwCleaner[C00].txt - [4682 octets] - [24/09/2018 23:08:01]
AdwCleaner[S01].txt - [6582 octets] - [02/10/2018 07:45:12]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosim o kontrolu - pomaly NB...

#4 Příspěvek od Rudy »

Chtěl jsem po vás nový log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

peter1973
Návštěvník
Návštěvník
Příspěvky: 74
Registrován: 13 dub 2007 05:11

Re: Prosim o kontrolu - pomaly NB...

#5 Příspěvek od peter1973 »

FRST

Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28.09.2018
Ran by ANONYM (administrator) on ANONYM-PC (02-10-2018 13:19:33)
Running from C:\Users\ANONYM\Downloads
Loaded Profiles: ANONYM (Available Profiles: ANONYM)
Platform: Microsoft® Windows Vista™ Home Basic  (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
() C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TOSHIBA CORPORATION.) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(TOSHIBA CORPORATION.) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION.) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION.) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosOBEX.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION.) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtProc.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\Integrator.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0\launch4j-tmp\ipscan.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0\launch4j-tmp\ipscan.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0\launch4j-tmp\ipscan.exe
(C. Ghisler & Co.) C:\totalcmd\TOTALCMD.EXE
() C:\Program Files\VideoLAN\VLC\vlc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\ANONYM\Downloads\FRST (1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4349952 2007-01-18] (Realtek Semiconductor)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [411768 2006-12-19] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [55416 2006-12-07] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [513592 2007-02-21] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [534648 2007-01-17] (TOSHIBA Corporation)
HKLM\...\Run: [KeNotify] => C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34352 2006-11-06] ()
HKLM\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [413696 2006-11-01] (TOSHIBA Electronics, Inc.)
HKLM\...\Run: [SVPWUTIL] => C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [438272 2006-03-22] (TOSHIBA)
HKLM\...\Run: [topi] => C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [577536 2007-03-02] (TOSHIBA)
HKLM\...\Run: [NvSvc] => RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [180224 2006-09-11] (Alps Electric Co., Ltd.)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2007-04-19] (SUPERAntiSpyware.com)
HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\...\Run: [TOSCDSPD] => C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [413696 2007-03-06] (TOSHIBA)
HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [43984 2018-09-17] (Glarysoft Ltd)
HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\...0c966feabec1\InprocServer32: [Default-shell32]  ATTENTION
HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\...\InprocServer32: [Default-pngfilt]  <==== ATTENTION
HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\...A8F59079A8D5}\localserver32:  <==== ATTENTION
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [77824 2006-12-20] (SuperAdBlocker.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2007-10-30]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\Users\ANONYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk [2015-12-09]
ShortcutTarget: Serviio.lnk -> C:\Program Files\Serviio\bin\ServiioConsole.exe ()
BootExecute: autocheck autochk *  BootDefrag.exelsdelete

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{53F896C6-FF80-4734-B6E2-0AD7AD9FD556}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7D6C9F5D-98E8-4DED-A312-B08CA2FCD44D}: [DhcpNameServer] 195.146.128.60 195.146.132.59

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.sk/
SearchScopes: HKU\S-1-5-21-4232292955-1832228796-1118820972-1000 -> DefaultScope {4498A41A-2C7F-4CEF-B504-136533C3C7F1} URL = 
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18] (Adobe Systems Incorporated)
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.6.0\bin\ssv.dll [2007-03-27] (Sun Microsystems, Inc.)
Toolbar: HKU\S-1-5-21-4232292955-1832228796-1118820972-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {40272BF7-4FF5-4D6F-9BAD-3C1D3CB32982} hxxp://www.live365.com/players/p365vip.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-08-26] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll [2014-06-22] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2852 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2009-02-15] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2910 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2009-02-15] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2009-02-15] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-13] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-13] (Google Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Yahoo!\Common\npyaxmpb.dll [2006-11-03] (Yahoo! Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default [2018-10-02]
CHR Extension: (Prezentácie) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-13]
CHR Extension: (Dokumenty) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-13]
CHR Extension: (Disk Google) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-13]
CHR Extension: (Adblock Plus) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-09-19]
CHR Extension: (uBlock Origin) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-09-12]
CHR Extension: (Google Search) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-09]
CHR Extension: (Tabuľky) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-12]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-09-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (Gmail) - C:\Users\ANONYM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-15]
CHR crx: C:\Program Files\Google\Chrome\Application\46.0.2490.71\default_apps\search.crx [2015-10-09]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aawservice; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [611664 2008-07-20] (Lavasoft)
R2 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2006-11-14] (TOSHIBA CORPORATION) [File not signed]
S3 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit)
S3 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [327680 2015-03-21] () [File not signed]
S3 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [166880 2013-01-27] (Soluto)
S3 SolutoRemoteService; C:\Program Files\Soluto\SolutoRemoteService.exe [1239552 2013-01-27] (Soluto) [File not signed]
S3 SolutoService; C:\Program Files\Soluto\SolutoService.exe [553440 2013-01-27] (Soluto)
R2 TODDSrv; C:\Windows\system32\TODDSrv.exe [114688 2006-05-25] (TOSHIBA Corporation) [File not signed]
R2 TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [118784 2007-02-02] (TOSHIBA CORPORATION) [File not signed]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [265912 2007-11-04] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [16064 2014-06-16] (Glarysoft Ltd)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [25864 2018-09-19] (Glarysoft Ltd)
S4 IObitUnlocker; C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys [28016 2011-08-26] ()
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2008-03-23] (MCCI)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [5632 2006-10-10] () [File not signed]
S3 SASENUM; C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [4096 2006-02-16] (SuperAdBlocker, Inc.) [File not signed]
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [32256 2007-02-27] () [File not signed]
S0 Soluto; C:\Windows\System32\DRIVERS\Soluto.sys [51144 2013-01-27] (Soluto LTD.)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 TpChoice; system32\DRIVERS\TpChoice.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2008-05-02] () [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-02 13:18 - 2018-10-02 13:18 - 001774080 _____ (Farbar) C:\Users\ANONYM\Downloads\FRST (1).exe
2018-10-02 10:50 - 2018-10-02 10:53 - 000003095 _____ C:\Users\ANONYM\Downloads\teeee.m3u
2018-10-02 07:42 - 2018-10-02 07:42 - 007567568 _____ (Malwarebytes) C:\Users\ANONYM\Downloads\AdwCleaner.exe
2018-10-02 07:34 - 2018-10-02 07:41 - 000019659 _____ C:\Users\ANONYM\Desktop\VFRST.txt
2018-10-02 07:32 - 2018-10-02 07:34 - 000047414 _____ C:\Users\ANONYM\Downloads\Addition.txt
2018-10-02 07:29 - 2018-10-02 13:21 - 000015860 _____ C:\Users\ANONYM\Downloads\FRST.txt
2018-10-02 07:29 - 2018-10-02 13:19 - 000000000 ____D C:\FRST
2018-10-02 07:29 - 2018-10-02 07:29 - 001774080 _____ (Farbar) C:\Users\ANONYM\Downloads\FRST.exe
2018-09-28 11:24 - 2018-09-28 11:24 - 000138472 _____ C:\Windows\Minidump\Mini092818-01.dmp
2018-09-28 11:23 - 2018-09-28 11:24 - 179239427 _____ C:\Windows\MEMORY.DMP
2018-09-26 11:24 - 2018-09-26 11:24 - 000005224 _____ C:\Users\ANONYM\Desktop\v AdwCleaner[S00].txt
2018-09-24 23:02 - 2018-09-24 23:07 - 000000000 ____D C:\AdwCleaner
2018-09-24 23:00 - 2018-09-24 23:00 - 007571152 _____ (Malwarebytes) C:\Users\ANONYM\Downloads\adwcleaner_7.2.3.1.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-02 12:47 - 2006-11-02 14:45 - 000003072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2018-10-02 12:47 - 2006-11-02 14:45 - 000003072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2018-10-02 07:47 - 2006-11-02 14:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-10-02 07:46 - 2006-11-02 14:58 - 000032578 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-10-01 13:11 - 2014-06-28 18:24 - 000000000 ____D C:\Users\ANONYM\AppData\Roaming\DiskDefrag
2018-09-28 11:24 - 2010-10-03 12:59 - 000000000 ____D C:\Windows\Minidump
2018-09-24 23:07 - 2013-03-24 14:57 - 000000000 ____D C:\Users\ANONYM\AppData\LocalLow\IObit
2018-09-24 23:07 - 2012-08-12 18:53 - 000000000 ____D C:\ProgramData\IObit
2018-09-24 23:07 - 2012-08-12 18:51 - 000000000 ____D C:\Users\ANONYM\AppData\Roaming\IObit
2018-09-24 23:07 - 2009-12-26 16:59 - 000000000 ____D C:\Program Files\iolo
2018-09-19 22:58 - 2006-11-02 13:18 - 000000000 ____D C:\Windows\inf
2018-09-19 22:10 - 2014-06-28 18:22 - 000000000 ____D C:\Program Files\Glary Utilities 5
2018-09-19 22:09 - 2014-06-28 18:25 - 000000894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2018-09-19 22:09 - 2014-06-28 18:25 - 000000882 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2018-09-19 22:09 - 2014-06-28 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2018-09-19 22:09 - 2014-06-28 18:24 - 000025864 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2018-09-05 16:56 - 2018-08-31 12:15 - 000014003 _____ C:\Users\ANONYM\Desktop\skenuj.txt

==================== Files in the root of some directories =======

2007-10-27 18:32 - 2012-04-09 18:47 - 000138240 _____ () C:\Users\ANONYM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
2018-09-26 11:58 - 2018-10-02 07:57 - 000035224 _____ () C:\Users\ANONYM\AppData\Local\Temp\i4jdel0.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-02 08:02

==================== End of FRST.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosim o kontrolu - pomaly NB...

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
KU\S-1-5-21-4232292955-1832228796-1118820972-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION
HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\...\InprocServer32: [Default-pngfilt] <==== ATTENTION
HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\...A8F59079A8D5}\localserver32: <==== ATTENTION
SearchScopes: HKU\S-1-5-21-4232292955-1832228796-1118820972-1000 -> DefaultScope {4498A41A-2C7F-4CEF-B504-136533C3C7F1} URL =
Toolbar: HKU\S-1-5-21-4232292955-1832228796-1118820972-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
C:\Users\ANONYM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\ANONYM\AppData\Local\Temp

EmptyTemp:
End
Uložte do C:\Users\ANONYM\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

peter1973
Návštěvník
Návštěvník
Příspěvky: 74
Registrován: 13 dub 2007 05:11

Re: Prosim o kontrolu - pomaly NB...

#7 Příspěvek od peter1973 »

Fix result of Farbar Recovery Scan Tool (x86) Version: 28.09.2018
Ran by ANONYM (02-10-2018 14:17:02) Run:1
Running from C:\Users\ANONYM\Downloads
Loaded Profiles: ANONYM (Available Profiles: ANONYM)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start

CloseProcesses:
KU\S-1-5-21-4232292955-1832228796-1118820972-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION
HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\...\InprocServer32: [Default-pngfilt] <==== ATTENTION
HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\...A8F59079A8D5}\localserver32: <==== ATTENTION
SearchScopes: HKU\S-1-5-21-4232292955-1832228796-1118820972-1000 -> DefaultScope {4498A41A-2C7F-4CEF-B504-136533C3C7F1} URL =
Toolbar: HKU\S-1-5-21-4232292955-1832228796-1118820972-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
C:\Users\ANONYM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\ANONYM\AppData\Local\Temp

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\KU\S-1-5-21-4232292955-1832228796-1118820972-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}" => not found
"HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\Software\Classes\CLSID\{A3CCEDF7-2DE2-11D0-86F4-00A0C913F750}" => removed successfully.
HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 => not found
"HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => removed successfully.
"HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"HKU\S-1-5-21-4232292955-1832228796-1118820972-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully.
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
C:\Users\ANONYM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

"C:\Users\ANONYM\AppData\Local\Temp" folder move:

C:\Users\ANONYM\AppData\Local\Temp => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10849 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3128311 B
Java, Flash, Steam htmlcache => 528 B
Windows/system/drivers => 2083224 B
Edge => 0 B
Chrome => 155199366 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 318987 B
LocalService => 692 B
NetworkService => 10054 B
ANONYM => 1941398 B

RecycleBin => 0 B
EmptyTemp: => 155.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:18:42 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosim o kontrolu - pomaly NB...

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

peter1973
Návštěvník
Návštěvník
Příspěvky: 74
Registrován: 13 dub 2007 05:11

Re: Prosim o kontrolu - pomaly NB...

#9 Příspěvek od peter1973 »

Odsledujem, ale urcite to pomohlo. :)
Dakujem moc za ochotu!

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosim o kontrolu - pomaly NB...

#10 Příspěvek od Rudy »

Topic zatím nechám otevřený. Zatím není zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět