Slow notebook

ShadowSK
Guest
Posts: 10
Registered: 19 Aug 2016 13:45

Slow notebook

#1 Post by ShadowSK »

Hi, I have an HP650 notebook with Win10 64-bit (upgraded from Win 7).
Lately it has started acting up: for example, when I click on a folder and choose Properties, the dialog sometimes takes as long as 2 minutes to appear and sometimes appears immediately. I checked it with an ESET in-depth scan and with Malwarebytes, and nothing was found.
Is there a program that can tell whether the motherboard or another component is failing, or whether it is a software fault?

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook

#2 Post by Rudy »

Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Re: Slow notebook

#3 Post by ShadowSK »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2017
Ran by Peťko (administrator) on NTB1-PC (12-02-2017 22:42:32)
Running from C:\Users\Peťko\Downloads
Loaded Profiles: Peťko (Available Profiles: ntb1 & ntb & Peťko & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\Peťko\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Peťko\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\BackgroundTransferHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8505088 2015-07-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-07-03] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-27] (Synaptics Incorporated)
HKLM\...\Run: [Malwarebytes TrayApp] => E:\CISTENIE\ANTI-MALWARE\mbamtray.exe
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-10-02] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-08-30] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-316863829-186456399-973697600-1002\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE [283232 2015-01-23] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-316863829-186456399-973697600-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Peťko\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-316863829-186456399-973697600-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Peťko\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-316863829-186456399-973697600-1002\...\Run: [GoogleChromeAutoLaunch_2DDBF0F9CBA9BBF091554C04329A2D20] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [945496 2017-02-01] (Google Inc.)
HKU\S-1-5-21-316863829-186456399-973697600-1002\...\RunOnce: [SeznamInstall-uninstall:be5ea7f76662d290ee3978a6da15e946] => C:\Users\PEKO~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2017-02-12] () <===== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4e899c8c-c488-4701-b4a0-b312de1f5a19}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{9f996061-23f6-407e-b74a-3e8daf036d4d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{da988592-7b0e-40f7-8b1a-b6a083f85761}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-316863829-186456399-973697600-1002 -> {01FA7F32-8468-416A-88D1-63FBBE50734F} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-316863829-186456399-973697600-1002 -> {033F6469-C623-4298-840D-4FA647C6C2F0} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-316863829-186456399-973697600-1002 -> {22DEAD83-053E-4C35-93A8-50ECA8B1CB92} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-316863829-186456399-973697600-1002 -> {28881E76-7131-41BB-AC91-D4CC780FB216} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-316863829-186456399-973697600-1002 -> {4BAF0D95-68E8-4A54-92C9-D4B9EF61D2B5} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-316863829-186456399-973697600-1002 -> {4CE5D32C-95AF-4F03-B979-389271BA8841} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-316863829-186456399-973697600-1002 -> {60F6AF20-E309-4D27-A61F-8B379ADF96E4} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-316863829-186456399-973697600-1002 -> {82272DE5-3AF0-48FF-B7B1-4D53D90A0865} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-316863829-186456399-973697600-1002 -> {8D5F6A8F-9308-421C-AC0D-4C5C075F9930} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-10-13] (Google Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-22] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-10-13] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-22] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-10-13] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-10-13] (Google Inc.)
DPF: HKLM-x32 {63A6B577-3FE7-4BD8-B3F3-8531551F494F} hxxps://portal.allianzsp.sk/crtng/scripts/crtcontrol.cab
DPF: HKLM-x32 {70022607-8F7B-4968-90B1-37E1EC9D9F11} hxxps://cns.allianzsp.sk/cvpn/jHDviTGdX5U5gPtrIe3PcIlf7pUxplf5yX9m6bJ9ubk/portal/web/navigw.nsf/shpages/navigator_swt.htm/$FILE/amccontrol.cab
DPF: HKLM-x32 {983A9C21-8207-4B58-BBB8-0EBC3D7C5505} hxxp://wamail.allianzsp.sk/dwa8W.cab

FireFox:
========
FF DefaultProfile: 1jex59zy.default
FF ProfilePath: C:\Users\Peťko\AppData\Roaming\Mozilla\Firefox\Profiles\1jex59zy.default [2017-01-12]
FF Extension: (Seznam lištička) - C:\Users\Peťko\AppData\Roaming\Mozilla\Firefox\Profiles\1jex59zy.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-22] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2012-12-19] (Verimatrix, Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR HomePage: Profile 2 -> hxxp://www.slovenskyraj.sk/ck/denn.html
CHR StartupUrls: Profile 2 -> "hxxps://www.reddit.com/","hxxp://www.google.com/"
CHR Profile: C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Default [2016-02-28]
CHR Extension: (Disk Google) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-24]
CHR Extension: (Televízie) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Default\Extensions\bppbpeijolfcampacpljolaegibfhjph [2015-01-21]
CHR Extension: (Adblock Plus) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-28]
CHR Extension: (Google Search) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Mini Radio Player) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffeaebedjghkdbccfenjbiilalegknlj [2015-03-21]
CHR Extension: (Svet TV) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdejljjjgegbbgoopclmcaabkjlbcmdm [2015-03-21]
CHR Extension: (Európa TV Live) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghiieloefjllhahjnhiemllkdkkobjdm [2016-02-28]
CHR Extension: (AdBlock) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-28]
CHR Extension: (DarkOrbit) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Default\Extensions\igfellpkdddmaldkbohekiikcmadbdnj [2015-09-08]
CHR Extension: (Speedtest.net) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Default\Extensions\kabkiphacephdnjaeciclbmkkmacoebe [2015-09-14]
CHR Extension: (Movie, Cartoon TV Live) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmechngcinkohbhghidihkkeianaeph [2015-01-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Inštalatér z džungle) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojpobnopmcjkgbgakigfoemfgfcdiefi [2015-01-21]
CHR Extension: (World of Warcraft Cataclysm Theme) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfgblfjiipppmcbapnpmcfkhhgpbgbfc [2015-12-17]
CHR Extension: (Gmail) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Profile: C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-02-28]
CHR Extension: (Prezentácie Google) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-21]
CHR Extension: (Dokumenty Google) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-21]
CHR Extension: (Disk Google) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-21]
CHR Extension: (YouTube) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-21]
CHR Extension: (Google Search) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-21]
CHR Extension: (Tabuľky Google) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-21]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-21]
CHR Extension: (Gmail) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-21]
CHR Profile: C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-02-12]
CHR Extension: (Disk Google) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-14]
CHR Extension: (YouTube) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-14]
CHR Extension: (Televízie) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bppbpeijolfcampacpljolaegibfhjph [2016-02-28]
CHR Extension: (Adblock Plus) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-12-13]
CHR Extension: (Steam Inventory Helper) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-02-12]
CHR Extension: (Google Search) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-14]
CHR Extension: (Dark YouTube Theme) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\djhcepodfooinnfhfccmoeabagbjchhg [2016-12-13]
CHR Extension: (Adobe Acrobat) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-12]
CHR Extension: (Mini Radio Player) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ffeaebedjghkdbccfenjbiilalegknlj [2016-12-13]
CHR Extension: (Svet TV) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gdejljjjgegbbgoopclmcaabkjlbcmdm [2016-03-24]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-24]
CHR Extension: (Európa TV Live) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghiieloefjllhahjnhiemllkdkkobjdm [2016-02-28]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-01-28]
CHR Extension: (AirDroid) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2016-12-13]
CHR Extension: (DarkOrbit) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\igfellpkdddmaldkbohekiikcmadbdnj [2016-02-28]
CHR Extension: (Black red shards) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jpjlkkaalgfbbegfnjoclhfidancjpch [2016-08-19]
CHR Extension: (Speedtest.net) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kabkiphacephdnjaeciclbmkkmacoebe [2016-02-28]
CHR Extension: (Movie, Cartoon TV Live) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kbmechngcinkohbhghidihkkeianaeph [2017-01-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-28]
CHR Extension: (Click&Clean App) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2017-01-12]
CHR Extension: (Gmail) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-14]
CHR Extension: (Chrome Media Router) - C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-12]
CHR Profile: C:\Users\Peťko\AppData\Local\Google\Chrome\User Data\System Profile [2015-12-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\56.0.2924.51\remoting_host.exe [72024 2017-01-03] (Spoločnosť Google Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2815520 2016-11-14] (ESET)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-07-03] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-27] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 MBAMService; "E:\cistenie\Anti-Malware\mbamservice.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [232072 2016-11-14] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [212096 2016-11-14] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2016-08-08] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [177792 2016-11-14] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [48768 2016-11-14] (ESET)
R1 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [76416 2016-11-14] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [91784 2016-11-14] (ESET)
S3 InputFilter_Hid_FlexDef2b; C:\WINDOWS\System32\drivers\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 netr28x; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-27] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-12 22:42 - 2017-02-12 22:43 - 00022924 _____ C:\Users\Peťko\Downloads\FRST.txt
2017-02-12 22:41 - 2017-02-12 22:42 - 00000000 ____D C:\FRST
2017-02-12 22:40 - 2017-02-12 22:41 - 02421248 _____ (Farbar) C:\Users\Peťko\Downloads\FRST64.exe
2017-02-12 22:29 - 2017-02-12 22:29 - 00001487 _____ C:\Users\Peťko\Desktop\Defraggler64 – odkaz.lnk
2017-02-12 22:29 - 2017-02-12 22:29 - 00000000 ____D C:\Users\Peťko\AppData\Roaming\Battle.net
2017-02-12 22:22 - 2017-02-12 22:22 - 18309328 _____ (Microsoft Corporation) C:\Users\Peťko\Downloads\MediaCreationTool.exe
2017-02-12 22:22 - 2017-02-12 22:22 - 00000000 ___HD C:\$Windows.~WS
2017-02-12 22:22 - 2017-02-12 22:22 - 00000000 ____D C:\$WINDOWS.~BT
2017-02-12 22:16 - 2017-02-12 22:16 - 00068982 _____ C:\Users\Peťko\Documents\cc_20170212_221638.reg
2017-02-12 22:09 - 2017-02-12 22:09 - 55566792 _____ (Malwarebytes ) C:\Users\Peťko\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-02-12 22:08 - 2017-02-12 22:09 - 00000000 ____D C:\Program Files\Defraggler
2017-02-12 22:08 - 2017-02-12 22:08 - 00002854 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-02-12 22:08 - 2017-02-12 22:08 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-02-12 22:08 - 2017-02-12 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-02-12 22:08 - 2017-02-12 22:08 - 00000000 ____D C:\Program Files\CCleaner
2017-02-12 22:05 - 2017-02-12 22:06 - 04619752 _____ (Piriform Ltd) C:\Users\Peťko\Downloads\dfsetup221.exe
2017-02-12 20:28 - 2017-02-12 21:41 - 00000000 ____D C:\Users\ntb1\Desktop\kuchyna
2017-02-07 20:35 - 2017-02-07 20:52 - 00000000 ____D C:\Users\ntb1\AppData\Roaming\Samsung
2017-02-07 20:35 - 2017-02-07 20:52 - 00000000 ____D C:\Users\ntb1\AppData\Local\Samsung
2017-02-07 20:35 - 2017-02-07 20:35 - 00000000 ____D C:\Users\ntb1\Documents\samsung
2017-02-07 17:26 - 2017-02-07 17:35 - 00000000 ____D C:\WINDOWS\LastGood
2017-02-07 17:24 - 2017-02-07 17:24 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2017-02-07 17:24 - 2017-02-07 17:24 - 00000000 ____D C:\Users\ntb\Documents\samsung
2017-02-07 17:24 - 2017-02-07 17:24 - 00000000 ____D C:\Users\ntb\AppData\Roaming\Samsung
2017-02-07 17:24 - 2017-02-07 17:24 - 00000000 ____D C:\Users\ntb\AppData\Local\Samsung
2017-02-07 17:23 - 2016-07-22 08:21 - 00164992 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\SET2B03.tmp
2017-02-07 17:23 - 2016-07-22 08:21 - 00130688 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\SET691F.tmp
2017-02-07 17:20 - 2016-05-18 14:49 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll
2017-02-07 17:20 - 2016-05-18 14:49 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2017-02-07 17:19 - 2017-02-07 20:52 - 00000000 ____D C:\ProgramData\Samsung
2017-02-07 17:19 - 2017-02-07 20:52 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-02-07 17:18 - 2017-02-07 17:18 - 00000000 ____D C:\Users\ntb\AppData\Local\Downloaded Installations
2017-01-25 18:26 - 2017-01-25 18:26 - 00132913 _____ C:\Users\ntb1\Downloads\A8E.tmp
2017-01-25 13:06 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 13:06 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-20 22:47 - 2017-01-20 22:47 - 00000000 ____D C:\Users\ntb1\AppData\Roaming\HDDHealth
2017-01-17 15:02 - 2017-01-17 15:03 - 00000000 ____D C:\Users\ntb\Desktop\dom proj
2017-01-15 20:20 - 2017-01-15 20:20 - 01658943 _____ C:\Users\ntb1\Downloads\fwdrdfinaltdia.zip
2017-01-14 21:16 - 2017-01-14 21:16 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-12 22:22 - 2016-10-02 21:25 - 00000000 ___DC C:\WINDOWS\Panther
2017-02-12 22:22 - 2016-10-02 21:10 - 00023429 _____ C:\WINDOWS\diagwrn.xml
2017-02-12 22:22 - 2016-10-02 21:10 - 00021557 _____ C:\WINDOWS\diagerr.xml
2017-02-12 22:10 - 2015-12-17 14:30 - 00000000 ____D C:\Users\Peťko\AppData\Roaming\Seznam.cz
2017-02-12 21:59 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-12 21:51 - 2015-12-16 16:34 - 00000000 ____D C:\Users\ntb1\AppData\Roaming\Seznam.cz
2017-02-12 21:31 - 2015-01-15 15:06 - 00000000 ____D C:\Users\ntb1\Desktop\Triedené
2017-02-12 19:01 - 2016-10-02 20:27 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-11 23:48 - 2016-10-02 20:37 - 00000000 ____D C:\Users\ntb1
2017-02-11 21:01 - 2015-05-30 19:18 - 00000000 ____D C:\Users\ntb1\AppData\Roaming\Skype
2017-02-07 22:26 - 2015-03-26 21:15 - 00000000 ____D C:\Users\ntb1\AppData\Roaming\vlc
2017-02-07 21:27 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-07 20:52 - 2015-01-16 16:58 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-07 19:01 - 2016-11-24 18:31 - 00000000 ____D C:\Users\ntb\AppData\LocalLow\Mozilla
2017-02-04 21:05 - 2016-12-15 21:31 - 00000000 ____D C:\Users\ntb1\AppData\LocalLow\Mozilla
2017-02-04 20:13 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-04 18:45 - 2015-01-19 12:16 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-04 18:45 - 2015-01-19 12:16 - 00002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-31 09:27 - 2015-01-19 12:15 - 00000000 ____D C:\Program Files (x86)\Google
2017-01-30 19:21 - 2015-01-16 14:06 - 00000000 ____D C:\Users\ntb\Desktop\poistovna
2017-01-29 16:22 - 2016-11-21 18:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-29 16:22 - 2015-01-30 14:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-27 15:11 - 2016-10-02 21:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-25 19:24 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-01-25 18:26 - 2016-12-13 19:28 - 00000000 ____D C:\Users\ntb1\Desktop\kupelna
2017-01-25 13:32 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-23 19:55 - 2016-05-02 19:23 - 00000000 ____D C:\Users\ntb1\Desktop\dom
2017-01-22 16:47 - 2015-12-26 22:02 - 00000000 ____D C:\Users\ntb\Desktop\Staré údaje Firefoxu
2017-01-22 16:17 - 2015-02-10 18:47 - 00000000 ____D C:\ProgramData\Oracle
2017-01-22 16:16 - 2015-02-10 18:48 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-01-22 16:16 - 2015-02-10 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-01-22 16:16 - 2015-02-10 18:47 - 00000000 ____D C:\Program Files (x86)\Java
2017-01-22 14:58 - 2015-11-09 21:46 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-19 19:54 - 2015-01-21 14:24 - 00000000 ____D C:\Program Files\WinRAR
2017-01-16 12:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-14 21:16 - 2016-10-02 20:37 - 00000000 ____D C:\Users\DefaultAppPool
2017-01-14 21:13 - 2016-12-10 20:05 - 00003272 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-14 21:13 - 2016-04-25 20:05 - 00002397 _____ C:\Users\ntb1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-14 21:13 - 2016-04-25 20:05 - 00000000 ___RD C:\Users\ntb1\OneDrive
2017-01-14 21:11 - 2016-04-24 22:09 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-14 21:10 - 2015-01-16 18:02 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-01-14 21:09 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM

==================== Files in the root of some directories =======

2015-01-19 12:21 - 2015-01-19 12:21 - 6000640 _____ () C:\Program Files (x86)\GUT6CF6.tmp

Files to move or delete:
====================
C:\Users\PEKO~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


Some files in TEMP:
====================
2016-10-29 16:16 - 2016-10-29 16:16 - 0737856 _____ (Oracle Corporation) C:\Users\ntb\AppData\Local\Temp\jre-8u111-windows-au.exe
2017-01-22 16:09 - 2017-01-22 16:09 - 0739904 _____ (Oracle Corporation) C:\Users\ntb\AppData\Local\Temp\jre-8u121-windows-au.exe
2016-11-03 19:06 - 2016-11-03 19:06 - 0534528 _____ () C:\Users\ntb\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
2017-01-15 14:28 - 2017-01-15 14:28 - 43886552 _____ (Skype Technologies S.A.) C:\Users\ntb1\AppData\Local\Temp\SkypeSetup.exe
2017-02-09 18:33 - 2017-02-09 18:33 - 0534528 _____ () C:\Users\ntb1\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
2017-02-12 22:10 - 2017-02-12 22:09 - 0534528 _____ () C:\Users\Peťko\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-04 16:48

==================== End of FRST.txt ============================
Attachments
Addition.zip
(9.96 KiB) Downloaded 130 times

Re: Slow notebook

#4 Post by Rudy »

Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.