Slow Eee PC - requesting a preventive check

Posted: 03 Sep 2018 18:34
by Ecinazuz
Hello, after a longer break I started up my notebook, which had its OS reinstalled at a service shop in July (2x), but it is so slow that just downloading FRST and producing the log took me almost 45 minutes.
Please check it.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01.09.2018 03
Ran by Asus (administrator) on ASUS-PC (03-09-2018 19:19:05)
Running from C:\Users\Asus\Desktop
Loaded Profiles: Asus (Available Profiles: Asus)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Windows\System32\AsusService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files\Google\Update\Install\{BF7BFE16-9C6A-44C9-97AE-2E554DB86E52}\68.0.3440.106_67.0.3396.99_chrome_updater.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Google Inc.) C:\Windows\Temp\CR_7546B.tmp\setup.exe
(Google Inc.) C:\Windows\Temp\CR_7546B.tmp\setup.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\ndp472-kb4054541-x86-x64-enu.exe
(Microsoft Corporation) D:\b0ae7da0d128d0c7ad\Setup.exe
(Google) C:\Users\Asus\AppData\Local\Google\Chrome\User Data\SwReporter\30.160.202\software_reporter_tool.exe
(Google) C:\Users\Asus\AppData\Local\Google\Chrome\User Data\SwReporter\30.160.202\software_reporter_tool.exe
(Google) C:\Users\Asus\AppData\Local\Google\Chrome\User Data\SwReporter\30.160.202\software_reporter_tool.exe
(Mozilla Corporation) C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
(Mozilla Corporation) C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-23] (Realtek Semiconductor)
HKLM\...\Run: [HotkeyMon] => C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [95744 2010-09-02] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] => C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [1245104 2010-09-03] (ASUSTeK Computer Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [170128 2018-07-30] (ESET)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1721640 2010-03-05] (Synaptics Incorporated)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240 2010-03-05] (Synaptics Incorporated)
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-08-24] (Piriform Ltd)
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\...\MountPoints2: E - E:\.\StartModem.exe
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\...\MountPoints2: {03da9092-89c8-11e8-b453-74f06dab18dc} - E:\.\StartModem.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.24.64.2 8.8.8.8 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{A0E9C34B-83FA-4A08-BB4D-C54C4E681D54}: [DhcpNameServer] 62.24.64.2 8.8.8.8 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{B9F23C04-6940-4BD8-88C2-2F9EEE5B100B}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{F4787E52-5BBA-4CAC-8060-12823D4F0C08}: [NameServer] 78.136.128.4 78.136.128.12

Internet Explorer:
==================
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {7F967E5C-7921-4DDA-B959-65076252BDE5} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {7F967E5C-7921-4DDA-B959-65076252BDE5} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1522404313-77886156-3663448840-1002 -> DefaultScope {7F967E5C-7921-4DDA-B959-65076252BDE5} URL =
SearchScopes: HKU\S-1-5-21-1522404313-77886156-3663448840-1002 -> {7F967E5C-7921-4DDA-B959-65076252BDE5} URL =

FireFox:
========
FF DefaultProfile: p46g1gr0.default-1530438134847
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\p46g1gr0.default-1530438134847 [2018-09-03]
FF Homepage: Mozilla\Firefox\Profiles\p46g1gr0.default-1530438134847 -> www.seznam.cz
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2002-01-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2002-01-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
StartMenuInternet: Firefox-AE082D9087109D4D - C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default [2018-09-03]
CHR Extension: (Dokumenty) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-22]
CHR Extension: (Disk Google) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-22]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-22]
CHR Extension: (Gmail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-22]
CHR Extension: (Chrome Media Router) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-22]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AsusService; C:\Windows\System32\AsusService.exe [219136 2009-08-18] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [1817952 2018-07-30] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [1817952 2018-07-30] (ESET)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 bmfilter; C:\Windows\System32\DRIVERS\qcusbfilter.sys [28160 2017-02-21] (QUALCOMM Incorporated)
S3 bmusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [205312 2017-02-21] (QUALCOMM Incorporated)
S3 bmusbwwan; C:\Windows\System32\DRIVERS\qcusbwwan.sys [413184 2017-02-21] (QUALCOMM Incorporated)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [124376 2018-07-30] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [92600 2018-07-30] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150792 2018-07-30] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [43816 2018-07-30] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [73424 2018-07-30] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [54240 2018-07-30] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [95224 2018-07-30] (ESET)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [73088 2010-02-05] (Realtek Semiconductor Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-03 19:03 - 2018-09-03 19:21 - 000010218 _____ C:\Users\Asus\Desktop\FRST.txt
2018-09-03 19:02 - 2018-09-03 19:03 - 000000000 ____D C:\FRST
2018-09-03 18:57 - 2018-09-03 18:58 - 001773568 _____ (Farbar) C:\Users\Asus\Desktop\FRST.exe
2018-09-03 18:28 - 2018-09-03 18:28 - 016798624 _____ (Piriform Ltd) C:\Users\Asus\Downloads\ccsetup546.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-03 18:57 - 2014-06-05 22:56 - 001558876 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-03 18:57 - 2009-07-14 10:44 - 000668792 _____ C:\Windows\system32\perfh005.dat
2018-09-03 18:57 - 2009-07-14 10:44 - 000141420 _____ C:\Windows\system32\perfc005.dat
2018-09-03 18:54 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2018-09-03 18:53 - 2018-06-28 19:02 - 000000000 ____D C:\Users\Asus\AppData\LocalLow\Mozilla
2018-09-03 18:53 - 2018-06-28 19:01 - 000000000 ____D C:\Users\Asus\AppData\Local\Mozilla Firefox
2018-09-03 18:36 - 2018-06-30 11:46 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-09-03 18:34 - 2009-07-14 06:34 - 000023056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-03 18:34 - 2009-07-14 06:34 - 000023056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-03 18:21 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-07-17 19:53

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01.09.2018 03
Ran by Asus (03-09-2018 19:23:47)
Running from C:\Users\Asus\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2018-06-22 07:18:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1522404313-77886156-3663448840-500 - Administrator - Disabled)
Asus (S-1-5-21-1522404313-77886156-3663448840-1002 - Administrator - Enabled) => C:\Users\Asus
Guest (S-1-5-21-1522404313-77886156-3663448840-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
D-Link Connection Manager v2.0.5EU (HKLM\...\Broad Mobi HSPA Modem Normal Version_is1) (Version: - )
ESET Security (HKLM\...\{E567E054-DD31-4608-ACB3-A89658672639}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
Google Chrome (HKLM\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Hotkey Service (HKLM\...\{71C0E38E-09F2-4386-9977-404D4F6640CD}) (Version: 1.32 - AsusTek Computer Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2117 - Intel Corporation)
LibreOffice 5.2.5.1 (HKLM\...\{79CD8EA1-DEB1-4582-9E41-8634223BDCD4}) (Version: 5.2.5.1 - The Document Foundation)
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Mozilla Firefox 61.0.2 (x86 cs) (HKU\S-1-5-21-1522404313-77886156-3663448840-1002\...\Mozilla Firefox 61.0.2 (x86 cs)) (Version: 61.0.2 - Mozilla)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6373 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.11.0 - Synaptics Incorporated)
USB2.0 UVC VGA WebCam (HKLM\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0029 - Realtek Semiconductor Corp.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-30] (ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-30] (ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-04-19] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-30] (ESET)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {12336F00-1AD1-4901-ADC6-A3E1EF396952} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-08-24] (Piriform Ltd)
Task: {33E88BB2-AFF8-4C4C-A539-E4B26DD8DC52} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {45C5E387-B5FA-4721-A01A-2B0A951C6EEF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2002-01-01] (Google Inc.)
Task: {D3D4A2D4-5220-4763-A64E-096B5CFD04BE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-08-24] (Piriform Ltd)
Task: {E4AE0FBF-928C-41A4-94D7-CBABC08D3A58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2002-01-01] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-06-25 10:05 - 2009-08-18 17:35 - 000219136 _____ () C:\Windows\System32\AsusService.exe
2018-08-24 20:37 - 2018-08-24 20:37 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1522404313-77886156-3663448840-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.24.64.2 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AB6A06D9-5EDD-4756-885B-71FF9280F08A}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{D7923A97-7499-4841-8B6F-D3DE8A7093B6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{685288D7-A368-468D-A8C0-F94725B27329}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{76381F5C-A442-430D-BF39-621651E0650C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================

02-07-2018 09:38:02 Windows Update
09-07-2018 16:17:08 Windows Update
16-07-2018 08:17:36 Windows Update
17-07-2018 15:51:58 Windows Update
27-07-2018 11:13:27 Windows Update
30-07-2018 13:24:19 Windows Update
03-09-2018 18:29:27 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/03/2018 07:10:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST.exe verze 1.9.2018.3 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1358

Čas spuštění: 01d443a7d241f327

Čas ukončení: 249

Cesta k aplikaci: C:\Users\Asus\Desktop\FRST.exe

ID hlášení: 04f81b5b-af9c-11e8-8551-74f06dab18dc

Error: (07/30/2018 02:05:37 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1532) WebCacheLocal: Pokus o otevření souboru C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (07/30/2018 02:05:27 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1532) WebCacheLocal: Pokus o otevření souboru C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (07/30/2018 02:05:10 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhost (1532) Pokus o otevření souboru C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (07/30/2018 02:04:54 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhost (1532) WebCacheLocal: Při zotavení či obnovení databáze došlo k neočekávané chybě -1811.

Error: (07/30/2018 02:04:54 PM) (Source: ESENT) (EventID: 413) (User: )
Description: taskhost (1532) WebCacheLocal: Nový soubor protokolu nelze vytvořit, protože není možné zapisovat na jednotku protokolu. Jednotka může být označena jen pro čtení, na disku je nedostatek místa nebo je jednotka chybně nakonfigurována či poškozena. Chyba -1811

Error: (07/30/2018 02:04:54 PM) (Source: ESENT) (EventID: 486) (User: )
Description: taskhost (1532) WebCacheLocal: Pokus o přesunutí souboru C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log do složky C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\V01.log se nezdařil. Došlo k systémové chybě 2 (0x00000002): Systém nemůže nalézt uvedený soubor. . Operace přesunutí souboru se nezdaří a dojde k chybě -1811 (0xfffff8ed).

Error: (07/30/2018 02:04:54 PM) (Source: ESENT) (EventID: 485) (User: )
Description: taskhost (1532) WebCacheLocal: Pokus o odstranění složky C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace odstranění složky se nezdaří a dojde k chybě -1032 (0xfffffbf8).


System errors:
=============
Error: (09/03/2018 06:27:14 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/03/2018 06:27:01 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (09/03/2018 06:21:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (07/30/2018 02:00:24 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Kontrola šifrovaného svazku: Informace o svazku E: nelze přečíst.

Error: (07/30/2018 02:00:07 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Kontrola šifrovaného svazku: Informace o svazku F: nelze přečíst.

Error: (07/30/2018 12:44:48 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Kontrola šifrovaného svazku: Informace o svazku E: nelze přečíst.

Error: (07/30/2018 12:44:30 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Kontrola šifrovaného svazku: Informace o svazku F: nelze přečíst.

Error: (07/30/2018 12:34:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom


Windows Defender:
===================================
Date: 2018-07-09 16:18:42.342
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.645.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-09 16:18:42.341
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

Processor: Intel(R) Atom(TM) CPU N450 @ 1.66GHz
Percentage of memory in use: 81%
Total physical RAM: 1014.12 MB
Available physical RAM: 188.27 MB
Total Virtual: 2038.12 MB
Available Virtual: 668.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100 GB) (Free:56.62 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:117.87 GB) (Free:117.7 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 29133921)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15 GB) - (Type=1B)
Partition 3: (Not Active) - (Size=117.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=20 MB) - (Type=EF)

==================== End of Addition.txt ============================

Re: Slow Eee PC - requesting a preventive check

Posted: 03 Sep 2018 20:14
by Conder
Hi :)

:arrow: Check whether updates (Windows Update) are being installed; that can load the PC quite heavily, especially on weaker single-core processors like this one.

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here
:arrow: If it is still too sluggish, run AdwCleaner in safe mode.

Re: Slow Eee PC - requesting a preventive check

Posted: 04 Sep 2018 16:50
by Ecinazuz
It was downloading updates, so I had to wait.

Here is the log now:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.0
# -------------------------------
# Build: 09-03-2018
# Database: 2018-09-01.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-04-2018
# Duration: 00:00:44
# OS: Windows 7 Home Premium
# Scanned: 41852
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1257 octets] - [03/09/2018 21:30:18]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Re: Slow Eee PC - requesting a preventive check

Posted: 04 Sep 2018 18:15
by Conder
:arrow: Please post both new FRST logs.

Re: Slow Eee PC - requesting a preventive check

Posted: 04 Sep 2018 18:30
by Ecinazuz
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01.09.2018 03
Ran by Asus (administrator) on ASUS-PC (04-09-2018 19:25:31)
Running from C:\Users\Asus\Desktop
Loaded Profiles: Asus (Available Profiles: Asus)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Windows\System32\AsusService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Mozilla Corporation) C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-23] (Realtek Semiconductor)
HKLM\...\Run: [HotkeyMon] => C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [95744 2010-09-02] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] => C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [1245104 2010-09-03] (ASUSTeK Computer Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [170128 2018-07-30] (ESET)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1721640 2010-03-05] (Synaptics Incorporated)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240 2010-03-05] (Synaptics Incorporated)
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-08-24] (Piriform Ltd)
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\...\MountPoints2: E - E:\.\StartModem.exe
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\...\MountPoints2: {03da9092-89c8-11e8-b453-74f06dab18dc} - E:\.\StartModem.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.24.64.2 8.8.8.8 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{A0E9C34B-83FA-4A08-BB4D-C54C4E681D54}: [DhcpNameServer] 62.24.64.2 8.8.8.8 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{B9F23C04-6940-4BD8-88C2-2F9EEE5B100B}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{F4787E52-5BBA-4CAC-8060-12823D4F0C08}: [NameServer] 78.136.128.4 78.136.128.12

Internet Explorer:
==================
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {7F967E5C-7921-4DDA-B959-65076252BDE5} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {7F967E5C-7921-4DDA-B959-65076252BDE5} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1522404313-77886156-3663448840-1002 -> DefaultScope {7F967E5C-7921-4DDA-B959-65076252BDE5} URL =
SearchScopes: HKU\S-1-5-21-1522404313-77886156-3663448840-1002 -> {7F967E5C-7921-4DDA-B959-65076252BDE5} URL =

FireFox:
========
FF DefaultProfile: p46g1gr0.default-1530438134847
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\p46g1gr0.default-1530438134847 [2018-09-04]
FF Homepage: Mozilla\Firefox\Profiles\p46g1gr0.default-1530438134847 -> www.seznam.cz
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2002-01-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2002-01-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
StartMenuInternet: Firefox-AE082D9087109D4D - C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default [2018-09-03]
CHR Extension: (Dokumenty) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-22]
CHR Extension: (Disk Google) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-22]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-22]
CHR Extension: (Gmail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-22]
CHR Extension: (Chrome Media Router) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-22]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AsusService; C:\Windows\System32\AsusService.exe [219136 2009-08-18] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [1817952 2018-07-30] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [1817952 2018-07-30] (ESET)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 bmfilter; C:\Windows\System32\DRIVERS\qcusbfilter.sys [28160 2017-02-21] (QUALCOMM Incorporated)
S3 bmusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [205312 2017-02-21] (QUALCOMM Incorporated)
S3 bmusbwwan; C:\Windows\System32\DRIVERS\qcusbwwan.sys [413184 2017-02-21] (QUALCOMM Incorporated)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [124376 2018-07-30] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [92600 2018-07-30] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150792 2018-07-30] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [43816 2018-07-30] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [73424 2018-07-30] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [54240 2018-07-30] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [95224 2018-07-30] (ESET)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [73088 2010-02-05] (Realtek Semiconductor Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-03 21:29 - 2018-09-03 21:30 - 000000000 ____D C:\AdwCleaner
2018-09-03 21:27 - 2018-09-03 21:27 - 007566544 _____ (Malwarebytes) C:\Users\Asus\Desktop\adwcleaner_7.2.3.exe
2018-09-03 19:38 - 2018-08-02 04:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2018-09-03 19:38 - 2018-08-02 04:45 - 003959984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-09-03 19:38 - 2018-08-02 04:45 - 000189616 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2018-09-03 19:38 - 2018-08-02 04:45 - 000189616 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-09-03 19:38 - 2018-08-02 04:45 - 000136368 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2018-09-03 19:38 - 2018-08-02 04:44 - 000067248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-09-03 19:38 - 2018-08-02 04:43 - 001310464 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-09-03 19:38 - 2018-08-02 04:41 - 001063424 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-09-03 19:38 - 2018-08-02 04:41 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-09-03 19:38 - 2018-08-02 04:41 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-09-03 19:38 - 2018-08-02 04:41 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-09-03 19:38 - 2018-08-02 04:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-09-03 19:38 - 2018-08-02 04:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-09-03 19:38 - 2018-08-02 04:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-09-03 19:38 - 2018-08-02 04:41 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-09-03 19:38 - 2018-08-02 04:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-09-03 19:38 - 2018-08-02 04:41 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-09-03 19:38 - 2018-08-02 04:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-09-03 19:38 - 2018-08-02 04:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-09-03 19:38 - 2018-08-02 04:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-09-03 19:38 - 2018-08-02 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-09-03 19:38 - 2018-08-02 04:40 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-09-03 19:38 - 2018-08-02 04:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-09-03 19:38 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-09-03 19:38 - 2018-08-02 04:16 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-09-03 19:38 - 2018-08-02 04:14 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-09-03 19:38 - 2018-08-02 04:13 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-09-03 19:38 - 2018-08-02 04:11 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-09-03 19:38 - 2018-08-02 04:11 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-09-03 19:38 - 2018-08-02 04:11 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-09-03 19:38 - 2018-08-02 04:10 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-09-03 19:38 - 2018-08-02 04:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-09-03 19:38 - 2018-08-02 04:10 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-09-03 19:38 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-09-03 19:38 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-09-03 19:38 - 2018-07-13 21:07 - 001309888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-09-03 19:38 - 2018-07-13 21:06 - 000240832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-09-03 19:38 - 2018-07-13 21:06 - 000187584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-09-03 19:38 - 2018-07-07 17:19 - 002404352 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-09-03 19:38 - 2018-06-29 17:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-09-03 19:38 - 2018-06-29 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-09-03 19:37 - 2018-08-03 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-09-03 19:37 - 2018-08-02 04:44 - 000137904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-09-03 19:37 - 2018-08-02 04:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-09-03 19:37 - 2018-08-02 04:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-09-03 19:37 - 2018-08-02 04:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-09-03 19:37 - 2018-08-02 04:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-09-03 19:37 - 2018-08-02 04:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-09-03 19:37 - 2018-08-02 04:40 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-09-03 19:37 - 2018-08-02 04:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-09-03 19:37 - 2018-08-02 04:16 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-09-03 19:37 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-09-03 19:37 - 2018-08-02 04:16 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-09-03 19:37 - 2018-08-02 04:10 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-09-03 19:37 - 2018-08-02 04:10 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-09-03 19:37 - 2018-08-02 04:10 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2018-09-03 19:37 - 2018-08-02 04:10 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-09-03 19:37 - 2018-08-02 04:10 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-09-03 19:37 - 2018-08-02 04:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-09-03 19:37 - 2018-07-20 00:58 - 000350272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-09-03 19:37 - 2018-07-19 06:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-09-03 19:37 - 2018-07-19 06:16 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-09-03 19:37 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-09-03 19:37 - 2018-07-19 06:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-09-03 19:37 - 2018-07-19 06:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-09-03 19:37 - 2018-07-19 06:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-09-03 19:37 - 2018-07-19 06:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-09-03 19:37 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-09-03 19:37 - 2018-07-19 05:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-09-03 19:37 - 2018-07-19 05:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-09-03 19:37 - 2018-07-19 05:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-09-03 19:37 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-09-03 19:37 - 2018-07-19 05:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-09-03 19:37 - 2018-07-19 05:55 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-09-03 19:37 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-09-03 19:37 - 2018-07-19 05:49 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-09-03 19:37 - 2018-07-19 05:46 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-09-03 19:37 - 2018-07-19 05:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-09-03 19:37 - 2018-07-19 05:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-09-03 19:37 - 2018-07-19 05:41 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-09-03 19:37 - 2018-07-19 05:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-09-03 19:37 - 2018-07-19 05:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-09-03 19:37 - 2018-07-19 05:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-09-03 19:37 - 2018-07-19 05:35 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-09-03 19:37 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-09-03 19:37 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-09-03 19:37 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-09-03 19:37 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-09-03 19:37 - 2018-07-19 05:28 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-09-03 19:37 - 2018-07-19 05:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-09-03 19:37 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-09-03 19:37 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-09-03 19:37 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-09-03 19:37 - 2018-07-08 17:47 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-09-03 19:37 - 2018-07-08 17:42 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-09-03 19:37 - 2018-07-08 17:41 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-09-03 19:37 - 2018-07-08 17:41 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-09-03 19:37 - 2018-07-08 17:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-09-03 19:37 - 2018-07-08 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-09-03 19:37 - 2018-07-06 17:54 - 000713408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-09-03 19:37 - 2018-07-06 17:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-09-03 19:37 - 2018-07-06 17:48 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-09-03 19:37 - 2018-06-27 17:50 - 000105152 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-09-03 19:37 - 2018-06-27 17:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-09-03 19:37 - 2018-06-27 17:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-09-03 19:37 - 2018-06-27 17:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-09-03 19:37 - 2018-06-27 17:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-09-03 19:37 - 2018-06-27 17:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-09-03 19:37 - 2018-06-27 17:41 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-09-03 19:37 - 2018-06-27 17:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-09-03 19:37 - 2018-06-21 05:09 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-09-03 19:23 - 2018-09-03 19:26 - 000015813 _____ C:\Users\Asus\Desktop\Addition.txt
2018-09-03 19:03 - 2018-09-04 19:27 - 000009022 _____ C:\Users\Asus\Desktop\FRST.txt
2018-09-03 19:02 - 2018-09-04 19:25 - 000000000 ____D C:\FRST
2018-09-03 18:57 - 2018-09-03 18:58 - 001773568 _____ (Farbar) C:\Users\Asus\Desktop\FRST.exe
2018-09-03 18:28 - 2018-09-03 18:28 - 016798624 _____ (Piriform Ltd) C:\Users\Asus\Downloads\ccsetup546.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-04 18:05 - 2002-01-01 00:13 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-04 18:05 - 2002-01-01 00:13 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-09-04 17:32 - 2014-06-05 22:56 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-04 17:32 - 2009-07-14 10:44 - 000668792 _____ C:\Windows\system32\perfh005.dat
2018-09-04 17:32 - 2009-07-14 10:44 - 000141420 _____ C:\Windows\system32\perfc005.dat
2018-09-04 17:32 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2018-09-04 17:31 - 2009-07-14 06:34 - 000023056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-04 17:31 - 2009-07-14 06:34 - 000023056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-04 17:27 - 2018-06-28 19:02 - 000000000 ____D C:\Users\Asus\AppData\LocalLow\Mozilla
2018-09-04 17:24 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-03 22:25 - 2009-07-14 06:33 - 000337480 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-03 22:14 - 2014-06-05 23:39 - 000000000 ____D C:\Windows\system32\MRT
2018-09-03 21:55 - 2014-06-05 23:39 - 134276632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-09-03 19:48 - 2018-06-28 22:28 - 000000000 ____D C:\Windows\system32\appraiser
2018-09-03 18:53 - 2018-06-28 19:01 - 000000000 ____D C:\Users\Asus\AppData\Local\Mozilla Firefox
2018-09-03 18:36 - 2018-06-30 11:46 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-07-17 19:53

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01.09.2018 03
Ran by Asus (04-09-2018 19:28:54)
Running from C:\Users\Asus\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2018-06-22 07:18:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1522404313-77886156-3663448840-500 - Administrator - Disabled)
Asus (S-1-5-21-1522404313-77886156-3663448840-1002 - Administrator - Enabled) => C:\Users\Asus
Guest (S-1-5-21-1522404313-77886156-3663448840-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
D-Link Connection Manager v2.0.5EU (HKLM\...\Broad Mobi HSPA Modem Normal Version_is1) (Version: - )
ESET Security (HKLM\...\{E567E054-DD31-4608-ACB3-A89658672639}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
Google Chrome (HKLM\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Hotkey Service (HKLM\...\{71C0E38E-09F2-4386-9977-404D4F6640CD}) (Version: 1.32 - AsusTek Computer Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2117 - Intel Corporation)
LibreOffice 5.2.5.1 (HKLM\...\{79CD8EA1-DEB1-4582-9E41-8634223BDCD4}) (Version: 5.2.5.1 - The Document Foundation)
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Mozilla Firefox 61.0.2 (x86 cs) (HKU\S-1-5-21-1522404313-77886156-3663448840-1002\...\Mozilla Firefox 61.0.2 (x86 cs)) (Version: 61.0.2 - Mozilla)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6373 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.11.0 - Synaptics Incorporated)
USB2.0 UVC VGA WebCam (HKLM\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0029 - Realtek Semiconductor Corp.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-30] (ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-30] (ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-04-19] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-30] (ESET)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {12336F00-1AD1-4901-ADC6-A3E1EF396952} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-08-24] (Piriform Ltd)
Task: {33E88BB2-AFF8-4C4C-A539-E4B26DD8DC52} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {45C5E387-B5FA-4721-A01A-2B0A951C6EEF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2002-01-01] (Google Inc.)
Task: {D3D4A2D4-5220-4763-A64E-096B5CFD04BE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-08-24] (Piriform Ltd)
Task: {E4AE0FBF-928C-41A4-94D7-CBABC08D3A58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2002-01-01] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-06-25 10:05 - 2009-08-18 17:35 - 000219136 _____ () C:\Windows\System32\AsusService.exe
2018-08-24 20:37 - 2018-08-24 20:37 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1522404313-77886156-3663448840-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.24.64.2 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AB6A06D9-5EDD-4756-885B-71FF9280F08A}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{685288D7-A368-468D-A8C0-F94725B27329}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{76381F5C-A442-430D-BF39-621651E0650C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{5B7F7994-3376-410E-B86E-B044D43C96F4}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

16-07-2018 08:17:36 Windows Update
17-07-2018 15:51:58 Windows Update
27-07-2018 11:13:27 Windows Update
30-07-2018 13:24:19 Windows Update
03-09-2018 18:29:27 Windows Update
03-09-2018 21:33:37 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/03/2018 07:10:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST.exe verze 1.9.2018.3 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1358

Čas spuštění: 01d443a7d241f327

Čas ukončení: 249

Cesta k aplikaci: C:\Users\Asus\Desktop\FRST.exe

ID hlášení: 04f81b5b-af9c-11e8-8551-74f06dab18dc

Error: (07/30/2018 02:05:37 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1532) WebCacheLocal: Pokus o otevření souboru C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (07/30/2018 02:05:27 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1532) WebCacheLocal: Pokus o otevření souboru C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (07/30/2018 02:05:10 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhost (1532) Pokus o otevření souboru C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (07/30/2018 02:04:54 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhost (1532) WebCacheLocal: Při zotavení či obnovení databáze došlo k neočekávané chybě -1811.

Error: (07/30/2018 02:04:54 PM) (Source: ESENT) (EventID: 413) (User: )
Description: taskhost (1532) WebCacheLocal: Nový soubor protokolu nelze vytvořit, protože není možné zapisovat na jednotku protokolu. Jednotka může být označena jen pro čtení, na disku je nedostatek místa nebo je jednotka chybně nakonfigurována či poškozena. Chyba -1811

Error: (07/30/2018 02:04:54 PM) (Source: ESENT) (EventID: 486) (User: )
Description: taskhost (1532) WebCacheLocal: Pokus o přesunutí souboru C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log do složky C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\V01.log se nezdařil. Došlo k systémové chybě 2 (0x00000002): Systém nemůže nalézt uvedený soubor. . Operace přesunutí souboru se nezdaří a dojde k chybě -1811 (0xfffff8ed).

Error: (07/30/2018 02:04:54 PM) (Source: ESENT) (EventID: 485) (User: )
Description: taskhost (1532) WebCacheLocal: Pokus o odstranění složky C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace odstranění složky se nezdaří a dojde k chybě -1032 (0xfffffbf8).


System errors:
=============
Error: (09/04/2018 05:50:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace definic pro Windows Defender Antivirus - KB915597 (definice 1.275.720.0).

Error: (09/04/2018 05:25:26 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Služba WMPNetworkSvc nebyla spuštěna správně, protože u funkce CoCreateInstance (CLSID_UPnPDeviceFinder) došlo k chybě 0x80004005. Zkontrolujte, zda je spuštěná služba UPnPHost a zda je správně nainstalována součást systému Windows UPnPHost.

Error: (09/04/2018 05:24:43 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (09/03/2018 10:31:29 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update se po přijetí pokynu pro vypnutí neukončila správně.

Error: (09/03/2018 10:30:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/03/2018 10:26:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (09/03/2018 07:52:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (09/03/2018 07:47:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Instalační služba modulů systému Windows byla ukončena s následující chybou:
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.


Windows Defender:
===================================
Date: 2018-07-09 16:18:42.342
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.645.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-09 16:18:42.341
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

Processor: Intel(R) Atom(TM) CPU N450 @ 1.66GHz
Percentage of memory in use: 80%
Total physical RAM: 1014.12 MB
Available physical RAM: 202.61 MB
Total Virtual: 2038.12 MB
Available Virtual: 889.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100 GB) (Free:55.95 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:117.87 GB) (Free:117.72 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 29133921)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15 GB) - (Type=1B)
Partition 3: (Not Active) - (Size=117.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=20 MB) - (Type=EF)

==================== End of Addition.txt ============================

Re: Slow Eee PC - requesting a preventive check

Posted: 04 Sep 2018 19:04
by Conder
Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Windows\System32\AsusService.exe
    HKU\S-1-5-21-1522404313-77886156-3663448840-1002\...\MountPoints2: E - E:\.\StartModem.exe
    HKU\S-1-5-21-1522404313-77886156-3663448840-1002\...\MountPoints2: {03da9092-89c8-11e8-b453-74f06dab18dc} - E:\.\StartModem.exe
    HKU\S-1-5-21-1522404313-77886156-3663448840-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a Fixlog.txt file on the desktop; copy its contents here

Re: Slow Eee PC - requesting a preventive check

Posted: 05 Sep 2018 07:20
by Ecinazuz
Good morning ;-)

Fix result of Farbar Recovery Scan Tool (x86) Version: 01.09.2018 03
Ran by Asus (05-09-2018 08:11:36) Run:1
Running from C:\Users\Asus\Desktop
Loaded Profiles: Asus (Available Profiles: Asus)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Windows\System32\AsusService.exe
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\...\MountPoints2: E - E:\.\StartModem.exe
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\...\MountPoints2: {03da9092-89c8-11e8-b453-74f06dab18dc} - E:\.\StartModem.exe
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 98
Average :
Sum : 31057499
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========================= File: C:\Windows\System32\AsusService.exe ========================

C:\Windows\System32\AsusService.exe
File not signed
MD5: C4FB2613D3C75364BB159B9C23A00E7A
Creation and modification date: 2018-06-25 10:05 - 2009-08-18 17:35
Size: 000219136
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/945ad13 ... 517311745/

====== End of File: ======

"HKU\S-1-5-21-1522404313-77886156-3663448840-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E" => removed successfully.
"HKU\S-1-5-21-1522404313-77886156-3663448840-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{03da9092-89c8-11e8-b453-74f06dab18dc}" => removed successfully.
HKLM\Software\Classes\CLSID\{03da9092-89c8-11e8-b453-74f06dab18dc} => not found
"HKU\S-1-5-21-1522404313-77886156-3663448840-1002\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5203355 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 25665857 B
Edge => 0 B
Chrome => 35086879 B
Firefox => 74178837 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
LocalService => 0 B
NetworkService => 0 B
Uzivatel => 0 B
Asus => 2825090 B

RecycleBin => 2413600 B
EmptyTemp: => 146.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 08:14:44 ====

Re: Slow Eee PC - requesting a preventive check

Posted: 05 Sep 2018 18:21
by Conder
It looks clean as far as malware is concerned.

Have those updates installed yet?

Re: Slow Eee PC - requesting a preventive check

Posted: 09 Sep 2018 17:30
by Ecinazuz
Sorry for the late reply - the updates have downloaded.
It is maybe a bit faster ;-)

Re: Slow Eee PC - requesting a preventive check

Posted: 09 Sep 2018 20:19
by Conder
Great, if there are no more problems, let's clean up after the tools we used:

Re: Slow Eee PC - requesting a preventive check

Posted: 10 Sep 2018 19:07
by Ecinazuz
OK - it is done ;-)

# DelFix v1.013 - Logfile created 10/09/2018 at 20:08:15
# Updated 17/04/2016 by Xplode
# Username : Asus - ASUS-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Asus\Desktop\Addition.txt
Deleted : C:\Users\Asus\Desktop\adwcleaner_7.2.3.exe
Deleted : C:\Users\Asus\Desktop\Fixlog.txt
Deleted : C:\Users\Asus\Desktop\FRST.exe
Deleted : C:\Users\Asus\Desktop\FRST.txt
Deleted : C:\Users\Asus\Desktop\INFORMACE PO SERVISU.txt

########## - EOF - ##########

Re: Slow Eee PC - requesting a preventive check

Posted: 10 Sep 2018 20:55
by Conder
This is OK.

Re: Slow Eee PC - requesting a preventive check

Posted: 10 Sep 2018 21:29
by Ecinazuz
Thank you for your help and your time

Re: Slow Eee PC - requesting a preventive check

Posted: 10 Sep 2018 22:25
by Conder
You're welcome, glad I could help :)